Skip to main content

Recording Login Sessions - Hitachi ID Privileged Access Manager

Where Hitachi ID Privileged Access Manager launches a user's login session, it can be configured to record screen, keyboard and other data while users are connected to privileged accounts. The recording may be of just the window launched to connect a user to a privileged account or of the user's entire desktop.

The session recording system is tamper resistant -- if users attempt to interrupt recording, their login sessions to privileged accounts are disconnected and an alarm is raised.

Session recordings may be archived indefinitely and may serve a variety of purposes, ranging from knowledge sharing and training to forensic audits. Access to recorded sessions is secured through a combination of access control policies and workflow approvals, designed to safeguard user privacy.

The Privileged Access Manager session monitoring infrastructure is included at no extra cost. It works using ActiveX components and does not require software to be permanently installed on user PCs. There is no footprint on managed systems and no proxy servers are used.

Session monitoring is compatible with all administration programs and protocols, as it instruments the administrator's PC, rather than network traffic. Recordings can be made of SSH, RDP, vSphere, SQL Studio and any other administrative sessions launched via Privileged Access Manager. Recordings can include key-logging, video, webcam, copy buffer and more, based on policy settings and without regard to the type of session (protocol, client tool) that was launched.

Watch a Movie

Request, approve, and playback recorded session

Play movie


  • Recorded sessions may contain sensitive or private data. They are protected in Hitachi ID Privileged Access Manager by a combination of access controls and workflow approvals. An auditor must first request the right to perform a search of recorded sessions. Once this has been approved, he must select a session and request access to the recording. Only when this second request is approved can he download and play back the session.

Key concepts:

  • Securing access to recorded sessions.
  • Search using meta data and keyboard input.
  • Approvals for both search and play-back.

Read More:

page top page top