Hitachi ID Privileged Access Manager is network security software designed specifically to address the problem of insecure, static and well-known administrator passwords.
- Randomize Privileged Account Passwords:
Eliminate static, well-known passwords on privileged accounts through both scheduled and event-triggered randomization.
- Securely Store Passwords:
Encrypted and replicated storage of passwords, to prevent unauthorized disclosure and ensure continuous access, even in the event of a disaster.
- Policy to Control Access:
Both pre-authorized and one-time access is defined using robust policies, based on user identity, session context and the type of access requested.
- Flexible Access Disclosure Mechanisms:
Multiple strategies to grant users elevated access, ranging from password display and single sign-on to temporary security group membership and command execution.
- Session Recording:
Capture video, keyboard input and other data to create a detailed forensic audit trails of the usage of privileged accounts.
- Secure and Monitor Vendor Access:
Require vendors to connect with 2FA, request each session and wait for approval, and be subject to session monitoring, in real time and/or in archived video.
- Change Windows Service Account Passwords:
Automatically discover the dependency between Windows services and service accounts, to support periodic password changes and reliable injection of new passwords into subscribers such as IIS and SCM.
- Secure Application-to-Application Passwords:
Replace static passwords embedded in configuration files and registry entries with secure API calls that fingerprint applications to authorize access, regularly scheduled password changes and cryptographic protection for storage and transmission of credentials.
- Reports, Dashboards and Analytics:
Monitor use of elevated privileges across the organization and identify high-risk scenarios.