New Feature Highlights
Password Safe version 5.7 improves on key features and capabilities in session management, and password management with unmatched levels of security, accountability and control.
Session Review Enhancements for Faster Compliance and Easier Administration
Organizations often times need the capability to review privileged sessions, whether live or forensically. This review capability is especially important in large environments or in highly-regulated organizations – such as in the financial services industry – where there are specific compliance requirements for access monitoring. PowerBroker Password Safe version 5.7 has added several new capabilities enabling the review and approval of sessions. With Password Safe, designated viewers can access the session review capability, watch a session recording, indicate they have reviewed the session, and acknowledge that the session was authorized. Once that acknowledgement has been made and the system owner signs off on the activity, the approval is logged for auditing purposes.
Going one step further, Password Safe version 5.7 also adds embedded playback controls, and enables administrators to make notes in the session as they sign off on the activity. Finally, Password Safe version 5.7 includes the capability to search keystrokes and export video frames through an API to OCR platforms.
These session monitoring and review enhancements serve to speed session review times, lower the administrative burden of auditing review activity, and simplify compliance.
Multi-System Checkout Simplifies Administration
In larger or complex environments where many system updates must frequently be made to systems requiring privileged credentials, administrators need a more efficient process to perform those updates. Rather than requiring administrators to submit multiple requests to check out the same account for different systems, Password Safe version 5.7 introduces a new multi-system checkout capability. This enhancement enables administrators to check out the account with a multi-system parameter and rapidly launch sessions to linked systems with a few clicks.. This new capability improves the efficiency of multi-system requests and simplifies bulk system administration.
Post-Login Command Execution Improves Control Over Activity
To improve the security of critical systems and sensitive data, many organizations have implemented host-based controls that limit what commands can be executed once a privileged session has started. Password Safe version 5.7 extends this control, by providing better automation around the ability to run specific commands when an SSH proxy session is opened. With Password Safe, administrators can leverage a Unix or Linux Jumphost to run a specific command or script after the session connects. Use cases include menus, backup scripts, command delegation, and remote command execution (when used in conjunction with PowerBroker Unix/Linux). This new capability enables a greater level of control over user activity in an SSH session.
Account Password Sync Simplifies Credential Rotation
Managing accounts where there is a required password relationship can be problematic to password rotation. Consider a common use case: An account logs in to a Windows system using domain credentials, then a mid-range system uses the same credential as a pass-through to custom applications. When the primary account’s password changes, the secondary account’s password should change too. Password Safe version 5.7 solves this challenge with new account password sync capabilities.
Password Safe version 5.7 also includes the following enhancements to further improve usability:
- Email notifications when an access policy is invoked.
- API enhancements adding full CRUD administrative capabilities and SSH key handling.
- Service account enhancements to improve logging and emailing.