In the previous two posts , we discussed the casual manner in which privileged passwords are shared among various works groups in enterprises and the security threats and drawbacks associated with such ‘casual sharing approach’ in detail.
Let us now discuss how we can effectively overcome the perils of password sharing:
All the threats associated with the shared administrative passwords, can be easily mitigated using a good ‘Shared Account Password Management’ (SAPM) software available in the market. The SAPM solutions act as the alternative for the traditional, inefficient and insecure password management processes. They provide an automated, policy-driven solution for shared administrative password management.
The SAPM solutions enable enterprises to establish a secure process for the entire life-cycle of administrative password management. They help securely store administrative passwords in a centralized vault and provide access through a web-interface. Access controls are well-defined – users will be allowed to retrieve only those passwords that are allotted to them; NOT all passwords of the enterprise.
All passwords will have well-defined ownership – the owner alone will have absolute privilege on the passwords. Unless the owner shares the passwords, no other user will be permitted to view the passwords. The owner can share the passwords with others granting granular permission for various actions – password retrieval, reset etc., If an administrator leaves the organization, de-provisioning of passwords can be done instantly.
At any point of time, one can get a clear picture of ‘who’ has access to ‘what’ resources. When an administrator accesses a shared privileged password, audit trails are generated.
Thus the anonymity and the disorder created due to the traditional process are completely eliminated. If something goes wrong, user actions could be easily traced to individual users. The SAPM solutions help establish a secure connection to the target systems and reset the passwords whenever required or automatically through scheduled tasks.
With an SAPM solution in place, IT Managers can ensure strict internal controls and comply with regulations; enforce standard policies, processes and practices. Whatever be the number of privileged passwords – thousands or millions, storing, sharing, accessing and changing them will be a breeze. Security threats arising due to password sharing are completely eliminated.
Password Manager Pro, a trusted SAPM solution!
Password Manager Pro (PMP) is a web-based, Shared Account Password Management (SAPM) Solution for enterprises to control the access to shared administrative passwords of any ‘enterprise resource’ such as servers, databases, network devices, applications etc. PMP enables IT managers to enforce standard password management practices such as maintaining a central repository of all passwords, usage of strong passwords, frequent changing of sensitive passwords and controlling user access to shared passwords across the enterprise.
Try Password Manager Pro and securely share your enterprise passwords!
ManageEngine Password Manager Pro
Quick Video | Free Trial Download | White Papers | Success Stories