News
Delinea Secret Server Introduces Additional Security Features and Enhances Disaster Recovery for High Availability
November 2022 by Marc Jacob
Delinea announced new enhancements to the Secure Shell (SSH) Cipher Suite and Secure File Transfer Protocol (SFTP) tunneling of Secret Server, its award-winning PAM solution. Further additions to disaster recovery capabilities help ensure Secrets data and permissions are available even during a disruption.
In 2021, 82% of breaches involved the human element; including the use of stolen credentials, phishing, misuse, or just error, according to the 2022 Verizon Data Breach Investigations Report. By centralizing privileged credentials in an encrypted password vault, organizations can significantly reduce human-centered risk.
Additional layers of security for a stronger enterprise vault
Enhancements to the SSH Cipher Suite provide customization of the ciphers used when making SSH connections for various tasks such as credential discovery, password changes, or heartbeat. Heartbeat provides up-to-the-minute monitoring of passwords and credentials, and triggers alerts if they are changed outside of the vault or without knowledge. The new SSH Cipher Suite features allow users to easily set availability and application order for key exchange, MAC address, and encryption algorithms, allowing organizations to tailor ciphers to meet their best practices and increasing the security of the connections made through the vault. Admins can also easily remove old or non-approved ciphers and avoid remediation work should those ciphers be highlighted in a vulnerability scan.
The introduction of a new option for using SFTP tunneling with Filezilla and WinSCP clients now enables administrators to transfer files to target machines using either client, while credentials remain safely in the vault. This feature increases security when transferring files, as it avoids direct access to privileged credentials and offers admins additional flexibility without disrupting their normal workflow.
Enhanced disaster recovery for Secrets resiliency
Expansion of high availability and disaster recovery (HA/DR) features focus on providing availability of access and permissions during an outage. These enhancements include the ability to replicate local and domain users, groups, file attachments, and Secret/folder permissions, providing a standby vault with all permissions in place. HA/DR functionality supports all types of scenarios—cloud to cloud, on-premises to on-premises, cloud to on-premises, and on-premises to cloud.
This release also includes enhancements to the advanced session recording agent, advancements in the user interface (UI) to improve ease of use, and customized internal communication options through the UI via a configurable global banner.
