
Audit Logs - Hitachi ID Password Manager


No security process is perfect. Given enough time, enough systems and a sufficiently large user population, some security compromise is likely to happen. Password management, and authentication processes in general, are no exception to this rule.

To mitigate the business risk of a security compromise in an authentication process, it is important to introduce audit trails. Audit trails record all security transactions, and allow the organization to follow up on what actually happened after a suspicious event takes place.

Audit trails can be combined with real-time alerts, for example using e-mail, instant messaging or telephony / text messaging, to trigger rapid investigation and automatic system defences, such as intruder lockouts.

Audit trails are a core responsibility of a password management system. Events such as authentication attempts and failures, successful and failed user enrollments, successful and failed password updates and more should all be logged, and should all be able to trigger real-time alerts.

Hitachi ID Password Manager Logging

Over 300 events, including authentication success and failure, intruder lockouts and security change requests and approvals, for both users and administrators, are logged by Password Manager.

All log data is directed to an internal database table (a session log), which includes time, date, event type, target system ID, requester user ID, recipient user ID, administrator ID (if any), results and any error messages.

Logging data is retained indefinitely. It is accessible directly in the database table and can also be exported via SQL or as a CSV file.

Every logged event can also trigger "external systems notification." Binary integration programs are provided to propagate event data to Remedy ARS, HP Service Manager, various other incident management systems, ODBC databases and e-mail (via SMTP).

Events can also trigger execution of a program on the Password Manager server, which could interface with an infrastructure management system using SNMP traps, for example.

All logged data is available both through the web-based reporting system built into Password Manager and through direct access to the log data by an authorized Password Manager administrator.
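As an added illustration (not Hitachi ID code), the following Python sketch shows the kind of follow-up analysis a CSV export of the session log allows: it flags bursts of failed authentications per requester and then any password change made by a different user for that account shortly afterwards. The column names, event-type strings and sample rows are constructed assumptions, not the product's actual export schema.

```python
import csv
import io
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample export, sorted by time. Column names and event-type
# strings are assumptions for illustration, not the product's real schema.
SAMPLE_CSV = """date,time,event_type,target_system,requester,recipient,admin,result,error
2024-03-01,09:00:05,AUTH,AD,jdoe,jdoe,,FAIL,bad password
2024-03-01,09:00:40,AUTH,AD,jdoe,jdoe,,FAIL,bad password
2024-03-01,09:01:10,AUTH,AD,asmith,asmith,,FAIL,bad password
2024-03-01,09:01:30,AUTH,AD,jdoe,jdoe,,FAIL,bad password
2024-03-01,09:02:00,PWCHANGE,AD,helpdesk1,jdoe,helpdesk1,OK,
2024-03-01,09:30:00,AUTH,AD,asmith,asmith,,FAIL,bad password
"""

def load_events(csv_text):
    """Parse the export and attach a datetime to each row."""
    rows = list(csv.DictReader(io.StringIO(csv_text)))
    for r in rows:
        r["ts"] = datetime.strptime(r["date"] + " " + r["time"], "%Y-%m-%d %H:%M:%S")
    return rows

def failure_bursts(events, threshold=3, window=timedelta(minutes=5)):
    """Alert when one requester has `threshold` failed AUTH events inside `window`."""
    recent, alerts = defaultdict(deque), []
    for e in events:
        if e["event_type"] != "AUTH" or e["result"] != "FAIL":
            continue
        q = recent[e["requester"]]
        q.append(e["ts"])
        while e["ts"] - q[0] > window:   # drop failures outside the sliding window
            q.popleft()
        if len(q) >= threshold:
            alerts.append({"user": e["requester"], "system": e["target_system"],
                           "count": len(q), "last": e["ts"]})
            q.clear()                    # one alert per burst
    return alerts

def resets_after_burst(events, alerts, window=timedelta(minutes=10)):
    """Password changes made by someone else for a user shortly after a burst."""
    return [(a["user"], e["requester"], e["ts"]) for a in alerts for e in events
            if e["event_type"] == "PWCHANGE" and e["recipient"] == a["user"]
            and e["requester"] != e["recipient"]
            and timedelta(0) <= e["ts"] - a["last"] <= window]

if __name__ == "__main__":
    events = load_events(SAMPLE_CSV)
    print(resets_after_burst(events, failure_bursts(events)))
```

A password change by a third party right after a failure burst is not necessarily malicious (it may be a legitimate help desk reset), but it is the kind of sequence an audit trail makes reviewable.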

Read More:

  • Secure Password Management:
    Passwords are only as good as the weakest link in the password management process.
  • Locking down Password Manager:
    Protecting the Password Manager server, its data and its communications against attack.
  • Password Policy Enforcement:
    Password Manager can enforce a global password policy, ensuring that users choose hard-to-guess passwords, never reuse passwords, and change their passwords regularly.
  • Security vs. Usability:
    The human factor is important when formulating password policies and designing authentication processes.
  • Consistent Authentication Processes:
    Social engineering attacks, packet sniffing and other mechanisms can be used to compromise password security without having to directly crack passwords.
  • Delegating Password Reset Privileges:
    Delegating just the right to reset passwords to help desk staff or managers, without giving them other, unneeded rights.
  • Audit Logs:
    Audit Trails and transaction logs create accountability in security processes.
  • Authentication Options:
    Authentication processes supported by Password Manager for securely logging in users.