Skip to main content

Hitachi ID Privileged Access Manager

About Hitachi ID Privileged Access Manager

Hitachi ID Privileged Access Manager is a system for securing access to privileged accounts. It works by regularly randomizing privileged passwords on PCs, servers, network devices and applications. Random passwords are encrypted and stored in two or more replicated credential vaults. Access to privileged accounts may be disclosed:

  • To IT staff, after they have authenticated and their requests have been authorized.
  • To applications, replacing embedded passwords.
  • To Windows PCs and servers, which need them to start services.

Password changes and access disclosure are closely controlled and audited, to meet policy and regulatory requirements.

Business Challenge

In an organization with thousands of IT assets, it can be difficult to securely manage access to privileged accounts:

  • There can be thousands of privileged passwords.
  • Administrator passwords exist on each device and application.
  • It is difficult to coordinate changes to shared passwords.
  • When there are many shared, static passwords, former IT staff can retain sensitive access after leaving an organization.
  • It can be difficult to trace changes back to individuals who made them.

Solution and Features

Privileged Access Manager secures privileged accounts across the IT landscape and at large scale:

  • It periodically randomizes passwords to privileged accounts.
  • Users must sign into Privileged Access Manager before they can access privileged accounts. This is an excellent opportunity to require strong, multi-factor authentication. This also allows organizations to apply a central authorization policy -- who is allowed access to which account, when and from where?
  • Privileged Access Manager launches login sessions on behalf of users, without displaying passwords -- single sign-on.
  • Privileged login sessions can be recorded, including screen capture and keyboard capture. This creates strong accountability and forensic audit trails.

page top page top