BeyondTrust Privileged Remote Access Vault Whitepaper

Whether a vendor, database administrator, network engineer, or privileged insider, you can rely on BeyondTrust Vault to securely store credentials needed to access your critical business systems. BeyondTrust Vault fits seamlessly into your privileged session workflow because it is integrated directly with the Privileged Remote Access (PRA) solution. Users do not need to learn to use another tool or even exit BeyondTrust to retrieve passwords. With just one click in the Privileged Remote Access access console, users can select the correct credential from the dropdown and log directly into the endpoint - without ever having to know or even see the actual password.

In this document, we cover the following topics:

  • Vault Configuration: Enable the user permissions needed to start using BeyondTrust Vault.
  • Credential Discovery & Import: Find and track privileged accounts commonly used by your privileged users and import them into the BeyondTrust Vault.
  • Adding Credentials Manually: Manually add shared and personal generic accounts into the BeyondTrust Vault.
  • Credential Grouping: Use account groups to logically group vault accounts and grant users access to multiple accounts at one time.
  • Credential Rotation: Rotate passwords, manually or automatically, after each use.
  • Check In and Check Out: Retrieve credentials for use outside of a BeyondTrust session.
  • Credential Injection: Inject credentials into a remote system directly from the BeyondTrust access console.
  • Reporting: View and track credential activity, including the use of shared credentials.