Enterprise IT Management, Network performance management, IT Servicedesk, Desktop Management, Datacenter Management, Server Management, Log Analysis and Security Management, Network Tools, ManageEngine Blogs

Are you worried about security breaches & identity thefts?

vbala — Fri, 20 Nov 2009 21:39:13 -0800

Shocking stories of security incidents and identity thefts of various kinds worry you? Read our article on 'Combating Cyber Security Threats' in Express Computer:

http://www.expresscomputeronline.com/20091123/technology04.shtml

Bala
ManageEngine Password Manager Pro

Information Security, the biggest challenge before Indian Enterprises: Survey

vbala — Thu, 5 Nov 2009 22:45:08 -0800

Reputed marketing firm IDC (India) Ltd has come out with a survey whose results should serve as an eye opener for all enterprises. The survey was commissioned by security solutions provider Symantec India.

The survey reveals that:

About 80 per cent of Indian enterprises have agreed that loss or theft of critical data is a serious information security risk they face after threats from viruses and hackers
16 per cent of the enterprises admitted to have lost data in the recent past for various reasons, including unaware users, malicious insiders and external threats from hackers and cyber-criminals
About 60 per cent of employees who recently changed jobs reported taking confidential data from their previous employer. This included customer lists, employee records, non-financial information. The top three ways data is lost are through CDs,DVDs and USB drives.

What are the causes?

The survey results once again lend credence to the belief that a good proportion of the cyber threats are being caused by the insiders of the enterprises - either disgruntled staff or greedy techies or sacked employees.

It is also increasingly becoming clear that stolen identities could be serving as the ‘hacking channel’ for many cyber-crimes and improper management of the administrative passwords could potentially remain at the root of a good number of security threats. Many security breaches might stem from lack of adequate password management policies and internal controls.

How do we avoid cyber threats?

Not all security incidents could be prevented or avoided; But, the security incidents that happen due to lack of effective internal controls are indeed preventable. Enterprises should take preventive action to combat cyber-criminals and to ensure information security.

What preventive steps could an enterprise take?

Read this paper "Combating Cyber Security Threats" from ManageEngine Password Manager Pro and share your feedback

Details of the survey as published in the media..

Bala

ManageEngine Password Manager Pro

Combating Cyber Security Threats - ManageEngine Password Manager Pro Advisory

vbala — Tue, 3 Nov 2009 21:53:40 -0800

Hi,

Of late, cyber-criminal activities across the globe have assumed such grave proportions that all enterprises - big and small, are exposed to security breaches and identity thefts of various kinds. Many sabotage were found to have been caused by the insiders of the enterprises - either disgruntled staff or greedy techies or sacked employees.

Lack of well-defined internal controls and access restrictions generally pave the way for security incidents. Particularly, as stolen identities seem to have served as the ‘hacking channel’ for many cyber-crimes, improper management of the administrative passwords is believed to be at the root of a good number of security threats.

Security experts strongly believe that many security incidents (though not all) are actually avoidable by placing access restrictions and well-defined password policies.

From ManageEngine Password Manager Pro, we have released an advisory, which discusses the causes of security incidents in detail and suggests ways to effectively tackle the challenge.

You may download the advisory from:
http://www.manageengine.com/products/passwordmanagerpro/combating-cyber-threats-advisory-paper-request.html

Bala
ManageEngine Password Manager Pro

Australian Catholic University Deploys ManageEngine Password Manager Pro for Password Access Control

vbala — Mon, 24 Aug 2009 06:03:19 -0700

Hi,

Password Manager Pro has earned the business and goodwill of scores of customers worldwide. Its deployment has immensely benefitted businesses in many ways.

Australian Catholic University (ACU), one among the premier institutions in Australia with campuses at six different locations, has deployed ManageEngine Password Manager Pro to provide web-based, centralized access to privileged passwords to its geographically disparate IT team. ACU has achieved complete password access control and enhanced internal security.

“With Password Manager Pro, managing the growing list of system passwords has become much simpler. We have done away with the insecure practice of keeping the passwords in printouts. Password Manager Pro has improved our performance and overall security of the systems we manage on a daily-basis, ” says Mark Laffan - Team Leader - Network & Communication Systems, ACU National.

For detailed information, take a look at the case study published in our website.

Bala
ManageEngine Password Manager Pro

Password Manager Pro bags top honours from SC Magazine for the second time in a row

vbala — Sun, 9 Aug 2009 23:39:50 -0700

Hi,

Greetings!

For the second consecutive time, ManageEngine Password Manager Pro has earned top honours in SC Magazine's Group Test of various password management solutions. Password Manager Pro has earned a perfect 5 out of 5 star rating again. The review has concluded that Password Manager Pro offers solid value for money.

In its group test, a hands-on review of ten competing Privileged Password Management solutions, SC Magazine, the world's longest running monthly publication on information security, has awarded the five star rating for Password Manager Pro. The review results have been published in the August 2009 issue of the magazine.

The review states that the product is quite easy to install and use. "After installation, the initial configuration is done by a guided workflow that assists in getting the product up and integrated with the environment. We found this whole process quite intuitive and easy to follow. Further management is done via the web GUI. We found the GUI to be easy to use with a well-organized layout".

The review asserts: "This product is a solid value for the money. ManageEngine Password Manager Pro offers a solid set of features in an easy-to-use, workflow-based format"

Complete review report can be accessed from:
http://www.scmagazineus.com/Zoho-Corp-ManageEngine-Password-Manager-Pro/Review/2931/

Details of the Group Test Password Management:
http://www.scmagazineus.com/Reviews/section/107/

In the previous group test done in November 2008 too, Password Manager Pro got the perfect 5 out 5 star rating.

We feel elated on receiving this coveted rating for the second time in a row and take this opportunity to thank all our customers for their continued support.

Bala

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ManageEngine Password Manager Pro
Enterprise Privileged Password Management Solution
www.passwordmanagerpro.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Do you reveal enterprise passwords to your colleagues?

vbala — Thu, 2 Jul 2009 08:12:22 -0700

Have you ever revealed the administrative password of an enterprise resource to your colleague? And do you strongly believe that your passwords remain secure even after telling others? If so, you must read this interesting survey done by SecurEnvoy.

The survey results reveal that 75% of UK employees have admitted that they have told at least two other colleagues their corporate passwords.

SecurEnvoy states that while workers are trusting of their colleagues, it may not be a great idea to share passwords so easily since it can compromise one’s entire work life.

The concern raised in the survey is well-founded. Enterprises - big and small, face security issues and outages quite often. After all, mis-management of administrative passwords lies at the root of all security issues.

It is always good to avoid sharing of administrative passwords. But, what if your business needs demand that you seletively share passwords with others and yet ensure high levels of security? Caught in a catch-22 situation, right?

But take heart, you have ManageEngine Password Manager Pro for your rescue. Using this Enterprise Password Management Solution, you can store thousands of administrative passwords in a centralized repository and selectively share the passwords with others. You can have the trail of 'who', 'what' and 'when' of password access. The passwords are shared, yet remain highly secure. Exactly what you want!

To know more, visit www.passwordmanagerpro.com

Bala

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ManageEngine Password Manager Pro
Enterprise Privileged Password Management Solution
Email: passwordmanagerpro-support@manageengine.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Managing Website Login Credentials using Password Manager Pro

vbala — Thu, 15 Jan 2009 03:30:24 -0800

Hi,

Greetings!

Do you face problems in remembering the credentials of website login accounts?
Do you have a large number of web accounts and wish to automatically login to the sites without manually entering the user name and password?

ManageEngine Password Manager Pro is there to help you!

By simply storing the URL of the web page and the login credentials, you can launch direct connection to the required website from Password Manager Pro. That is, the URL of the website would be visible in Password Manager Pro and upon clicking that you will be logged in to the website directly.

We have published a step-by-step tutorial on how to implement this feature. Along with the textual explanation, the tutorial contains a two-minute video presentation at the end. Don’t forget to check that out!

Bala

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

ManageEngine Password Manager Pro

Enterprise Privileged Password Management Solution

Email: support@passwordmanagerpro.com

Toll Free: +1 925 924 9600

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Password Manager Pro Wins Top Honors in SC Magazine's Group Test of Password Management Solutions

vbala — Thu, 27 Nov 2008 23:06:23 -0800

Hi,

Greetings!

In its group test, a competitive, hands-on review of nine competing Privileged Password Management solutions, SC Magazine, the world's longest running monthly publication on information security, has awarded top honors to ManageEngine Password Manager Pro.

With the coveted "SC Magazine Recommended" rating, Password Manager Pro earned 5 out 5 stars in all test categories — features, performance, ease-of-use, documentation, support and value for the money.

"Ease of deployment, small software footprint and superior pricing make ManageEngine Password Manager Pro our Recommended product," states the review. The Magazine has concluded that Password Manager Pro provides excellent value for the money.

Complete review report can be accessed from:
http://www.scmagazineuk.com/ManageEngine-Password-Manager-Pro/Review/2654/

Details of the Group Test Password Management:
http://www.scmagazineuk.com/Password-management-2008/GroupTest/155/

We feel elated on receiving this coveted rating and take this opportunity to thank all our customers for their continued support.

Bala

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ManageEngine Password Manager Pro
Enterprise Privileged Password Management Solution
Email: support@passwordmanagerpro.com
Toll Free: +1 925 924 9600
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Password Manager Pro Tutorial: Leverage Active Directory Integration to Optimize Password Access Management

vbala — Mon, 24 Nov 2008 07:51:31 -0800

Hi,

Greetings!

In the tutorial series of Password Manager Pro, here comes one more. By leveraging the 'Active Directory Integration' support provided by Password Manager Pro, you can optimize password access management and read on the Tutorial below to know how!

Bala

Leverage Active Directory Integration to Optimize Password Access Management

The Challenge

One of the fundamental capabilities of PMP is strict access control, where password owners can define who can access and do what operations on shared passwords. Quite often, we find from our customers that they have a few password owners having to manage the access permissions to passwords shared by many people across various groups. This can get very tedious and error prone if each of the password owner has to manage access for individual users, especially with people moving across groups or leaving the organization.

The Solution

A better solution is to have administrators create user groups in PMP and manage access to the user groups instead of individual users. But user group management itself can be quite a task, even for a medium sized organization with hundreds of users and user groups.

This is where PMP's strong integration with Active Directory helps administrators to completely automate user access management. They can leverage user group management capabilities of AD and make PMP use the same user group definitions from AD. For these user groups, only the access permissions are defined in PMP and the users that are part of the groups are derived from what is defined in AD.

For example, if the AD has user groups named Finance Admins, Finance Users, Executives, Engineers, Sales etc., PMP not only imports user information from AD, but also the user groups. Any change made to the user groups in AD could be automatically updated in PMP as well, in as fast as one minute.

With the user subscription to the user groups taken care reliably, all that the password owners have to ensure is provide appropriate access permissions to the user groups. Subsequently, when a user is moved across groups or gets deleted in AD, the change is immediately reflected in PMP and the user will automatically lose all permissions that was inherited. In addition, PMP audits all these events, generates notifications and provides in-depth reports to administrators to ensure they are always in control when it comes to password access control.

Steps Involved

The screen shots below explain how to set this up:

Importing user groups from AD

Go to Admin >> Active Directory and click the button “Import Now” in Step 1

[caption id="attachment_111" align="aligncenter" width="636" caption="AD User Group Import"][/caption]

Setup AD synchronization

Go to Admin >> Active Directory and click the button “Import Now” in Step 1

[caption id="attachment_131" align="aligncenter" width="636" caption="AD Synchronization"][/caption]

Setup access permissions to the user groups

Go to Resources/Resource Groups tab, select the required Resource/Resource Group, in the drop-down for sharing, select “Share with User Group”

[caption id="attachment_141" align="aligncenter" width="611" caption="Access Permission"][/caption]

Setup alerts and monitor activity

Go to “Resource Groups” and click the password action notification icon

[caption id="attachment_151" align="aligncenter" width="1001" caption="Password Access Alerts"][/caption]

Go to “User Audit” and click the link “Configure Audit”

[caption id="attachment_161" align="alignnone" width="1001" caption="Audit & Notifications"][/caption]

Help Documentation Links:

http://manageengine.adventnet.com/products/passwordmanagerpro/help/active_directory_integration.html

http://manageengine.adventnet.com/products/passwordmanagerpro/help/sharing_resources.html

http://manageengine.adventnet.com/products/passwordmanagerpro/help/password_action_notifications.html

http://manageengine.adventnet.com/products/passwordmanagerpro/help/audit_notifications.html

Ensuring Compliance to SOX - White Paper

vbala — Wed, 10 Sep 2008 22:24:39 -0700

As you may be aware, the enterprises that deal with public funds are required to comply to Sarbanes-Oxley (SOX) Act. Organizations are looking for a single, complete, low-cost, enterprise-wide solution that could take care of all their SOX-compliance needs.

From ManageEngine Password Manager Pro, we are glad to release a white paper titled ‘Ensuring Compliance to Sarbanes-Oxley through Privileged Identity & Information Management‘.

This White Paper discusses the SOX compliance challenges and the problems faced by the IT administrators, who are mandated with the task of ensuring compliance to SOX. It explains how Privileged Identity and Information Management (PIIM) solutions could ensure effective internal controls and serve the enterprise-wide SOX-compliance needs.

Download the white paper from here and let us know if you find it useful.

Bala

ManageEngine Password Manager Pro

Enterprise Privileged Identity & Information Management Solution