Organizations that can’t effectively find, manage or monitor privileged credentials could end up with a serious data breach on their hands. And the most devastating breaches not only capitalize on compromised privileged access credentials, but also leverage system vulnerabilities to inflict additional damage. Many IT organizations use shared accounts for privileged users, administrators or applications so that they readily have the access they need to do their jobs. If inadequately managed, these credentials pose significant security and compliance risks stemming from either the intentional or accidental misuse of shared privileges.
Some systems have embedded or hardcoded passwords, opening up additional opportunities for misuse. Unfortunately, most IT organizations struggle to balance accountability of shared privileged accounts with user productivity.
With BeyondTrust PowerBroker Password Safe version 6.4 and McAfee ePolicy Orchestrator(ePO) version 5.9.x, IT organizations can take control of privileged credentials and access policies by managing everything through a single console.
Together with BeyondTrust, we are able to provide a seamless management solution that allows users to better understand and take actions against privilege-based risks.
– D.J. Long, Head of McAfee Security Innovation Alliance
Discover and Onboard Assets into PowerBroker Password Safe Directly from McAfee ePO
McAfee ePO provides synchronization options to identify whether a system is currently under management by Password Safe, and if desired, an unmanaged system may be onboarded directly from the ePO console.
Add/Remove Managed Accounts from the ePO console
By selecting any Password Safe managed system, new accounts may be brought under management, or existing accounts unmanaged directly via contextual actions.
Launch Secure Sessions Through the ePO Console
PowerBroker Password Safe offers customers the ability to remotely connect to devices and endpoints without knowledge of the credentials being used. From the McAfee ePO console, the user can select a Password Safe managed system, and then select an action to automatically launch an SSH or RDP session to the asset without displaying the credentials.
Release Privileged Credentials Through the ePO Console
With this feature, a user who has logged into the ePO console can select a system, and then select a managed credential they are authorized to retrieve the password for.
Manage and Rotate Account Passwords on Selected Devices
From within the McAfee ePO console, a user can select one or more systems, and choose to cycle the passwords for all associated managed accounts.
Pass McAfee ePO Tags as Keyword Attributes in Password Safe
Systems in PowerBroker Password Safe may be tagged with specific keywords from ePO Tags. This allows Smart Rules to dynamically group assets for such actions as quarantine, or role reassignment.
Solving Privileged Password Management Use Cases
The integration between PowerBroker Password Safe and McAfee ePO addresses several critical use cases for organizations looking to gain control over all privileged accounts:
- Deliver a lightweight client that integrates with your existing environment to manage privileged passwords
- Provide a single platform for managing privileged sessions
- Enable password management and rotation from a single console
- Audit and report on all privileged activity and privilege sessions
PowerBroker Password Safe: Privileged Password Management
PowerBroker Password Safe is an automated password and privileged session management solution offering secure access control, auditing, alerting and recording for any privileged account – from local or domain shared administrator, to a user’s personal admin account (in the case of dual accounts), to service, operating system, network device, database (A2DB) and application (A2A) accounts – even to SSH keys, cloud, and social media accounts.
- Password Safe offers multiple deployment options and broad and adaptive device support.
- Secure and automate the process for discovering, managing and cycling privileged account passwords and SSH keys
- Control how people, services, applications and scripts access credentials
- Auto-logon users onto RDP and SSH sessions, without revealing the passwords
- Record all user and administrator activity in a comprehensive audit trail
- Alert in real-time as passwords are released and privileged session activity is started
McAfee ePO: A Single Console for All Your Security Management Needs
McAfee ePO is the most advanced, extensible, and scalable centralized security management software in the industry.
- Get a unified view of your security posture with drag-and-drop dashboards that provide security intelligence across endpoints, data, mobile, and networks
- Simplify security operations with streamlined workflows for proven efficiency
- Utilize flexible security management options with on-premise and cloud-based management versions
- Leverage your existing third-party IT infrastructure from a single security management console with an extensible architecture
Read the complete Data Sheet!