News
BeyondTrust Solves the Problem of Remote Privileged Password Changes
February 2015 by Marc Jacob
BeyondTrust®, the global cyber security company dedicated to proactively eliminating data breaches from insider privilege abuse and external hacking attacks, today announced that the newest versions of PowerBroker for Windows and PowerBroker Password Safe have the ability to integrate to create an enhanced least privilege experience for IT staff and end users. As organizations try to balance security and productivity to remain competitive, these solutions help prevent the abuse of privileged credentials while shortening access request processes.
Seamless Integration of Privilege Management and Enterprise Password Management
Despite the benefits afforded by enterprise password management and least privilege technologies, each have their shortcomings as isolated solutions. Updating passwords for intermittent, remote or mobile systems remain a challenge for customers that need to conduct business while on the move. Without instant updates, the capabilities and benefits of enterprise password managers are quickly negated. And in some cases, the only way for privilege management tools to properly elevate application privileges is to use a real username and password combination with administrator permissions. This problem then requires the distribution of these credentials to users, which defeats the purpose of least privilege policies.
To overcome these obstacles, PowerBroker for Windows 6.7 now integrates with Password Safe 5.4 to create an industry-unique approach to solving remote password change challenges and elevation of applications for real user credentials. The result is a process for account password changes at any time, in any location, and to overcome the limitations of network segmentation. The integration can process username and password combination requests and “Run As” commands with no user intervention. This technique allows instant access to applications and never exposes the username or password to the end user. The result is quicker access to critical applications and reduced security risk.
“In our forthcoming survey, findings reveal that more than a quarter of organizations still have no controls over access privileges,” said Marc Maiffret, chief technology officer, BeyondTrust. “While companies realize tools are available to reduce their security risk related to privilege management, many feel that implementation has an adverse effect on employee productivity. With our integration of privilege management and enterprise password management solutions, we can address these challenges to provide ease of mind for stakeholders while facilitating employee productivity.”
New Features for PowerBroker for Windows 6.7:
· System and agent tamper protection capabilities are extended to protect local user accounts
· Patented Vulnerability-Based Application Management (VBAM) now processes registry entries and DLL’s that are called and associated with vulnerabilities to improve risk compliance
· Simplified installer option allows enterprises to install the dedicated privilege management capabilities they need without deploying a dedicated server
New Features for PowerBroker Password Safe 5.4:
· The ability to specify a stored SSH/DSS key against an account to authenticate users automatically onto proxied sessions
· Supports managing local services started by managed Active Directory accounts, ensuring services will start successfully however many times the passwords are changed at the back-end
· New API enhancements and extended platform/device support increase flexibility and security
Both solutions are part of the BeyondInsight IT Risk Management Platform, an integrated suite of privileged account management and vulnerability management solutions that provide IT and security teams a single, contextual lens through which to view and address user and asset risk.
