Reshaping Privileged Password Management with Password Safe 5.2
Today, we’re pleased to unveil the latest edition of our privileged password management solution, PowerBroker Password Safe. I’ll start with a brief intro of what’s new and then tell you a little about the driving factors behind Password Safe development.
New features for mitigating password risk and ensuring accountability enterprise-wide
Here’s the 10,000-foot overview of what’s in the new release: Most prominently, Password Safe 5.2 is fully integrated into our BeyondInsight risk management platform, which augments the solution’s ability to mitigate password risks and audit privileged sessions with enterprise-class capabilities not seen in competitive solutions. These include:
- Asset and Account Discovery: delivers enterprise-wide visibility and control by automatically identifying and profiling systems and accounts to bring under management
- Dynamic Rules and Asset Groupings: streamlines management of large environments
- Data Warehouse: enables historical correlation, trending and analysis of key metrics for audit and compliance needs
- Password Age Report: enables customers to identify stale passwords that could be in possession of former employees, partners or other stakeholders
- Role-Based Access Control (RBAC): supports a lightweight, self-service portal for requesting password access, managing requests, and replaying recorded sessions
That’s just the start of it. BeyondInsight, included with version 5.2, enables customers to manage Password Safe in concert with our other BeyondInsight-supported solutions. This means there’s a common management console, shared asset and account data, shared data warehouse for reporting, and several other points of integration.
What drives us? You (and your end users) do.
Making effective products is pretty simple when you listen to your customers. I’ll give you one example: When planning to add session management capabilities to Password Safe, we spoke with several organizations that had other solutions but were not satisfied with the results. End users accustomed to rich, purpose-built applications like PuTTY or Remote Desktop Connection/Manager (RDCMan) were suddenly saddled with Java-based web apps for session monitoring – binding them to a browser for SSH and RDP connections; introducing security and usability concerns; and requiring constant updates with the associated compatibility hurdles.
We therefore challenged our product team to proxy a connection to a remote server for session monitoring while allowing users to leverage native connection tools (and ensuring end-to-end security at the same time). In the end, we did just that. We showed what we had to the organizations we previously interviewed and many have already switched over to Password Safe.
Of course, this release is not just about making life easier for end users. It’s about empowering IT operations to better understand and reduce risk. Password Safe 5.2 does this by:
- Delivering a rich, distributed asset discovery engine backed by years of R&D and tested via our other solutions on networks with millions of assets
- Making it simple to discover and profile all known and unknown assets, shared accounts, user accounts, and server accounts
- Keeping passwords and accounts secure with new reporting and analytics capabilities for understanding password ages and identifying potential backdoors
- Enabling administrators to view a system’s risk score and known vulnerabilities prior to approving access to a password or session (requires Retina CS)
It also means you can start with a standalone, best-of-breed privileged password management solution, and then easily add integrated AD bridging modules for authentication, privilege management modules for command elevation and task elevation; auditing modules for change control, and vulnerability management modules for gauging asset risk.
This is about the sm of the parts, a unification of our solutions into a consolidated platform that improves security while simplifying the daily activities of our customers.