Features Randomize Privileged Passwords
Hitachi ID Facebook Page Hitachi ID Twitter Page Find us on Google+ Hitachi ID YouTube Page

Randomize Privileged Passwords - Hitachi ID Privileged Access Manager

Hitachi ID Privileged Access Manager secures sensitive passwords by periodically randomizing them:

  1. On push-mode servers and applications:
    1. Periodically -- for example, every night between 3AM and 4AM.
    2. When users check passwords back in, after they are finished using them.
    3. When users request a specific password value.
    4. In the event of an urgent termination of a system administrator.

  2. On pull-mode systems -- such as laptops or rapidly provisioned VMs:
    1. Periodically -- for example, every day.
    2. At a random time-of-day, to prevent transaction bursts.
    3. Opportunistically, whenever network connectivity happens to be available from the workstation to a central server.


Watch a Movie

Randomizing privileged passwords on laptops and other mobile devices


Play movie

Content:

  • On mobile devices, the endpoint initiates the password change process.

Key concepts:

  • Password changes initiated on the endpoint can be performed even when the device is off-site, behind a firewall, etc.
  • Randomized timing improves reliability and reduces peak transaction volume.
  • A minimal software footprint is required on the endpoint device.

Randomizing privileged passwords on fixed IT assets


Play movie

Content:

  • On servers and other fixed devices or applications, no local software is required.

Key concepts:

  • Password changes are initiated on an HiPAM server and are scheduled to happen, as often as hourly.
  • Randomized password values are stored in a secure, replicated vault at a minimum of two physical locations.
  • No software is installed on systems.