- Static Passwords:
One of the key benefits of Hitachi ID Privileged Access Manager is to eliminate static passwords on privileged accounts by automatically changing these passwords -- by default, daily.
- Secure Credential Storage:
Encrypting and replicating stored credentials, to prevent unauthorized disclosure, service interruption or data loss.
- Administrator Accountability:
Hitachi ID Privileged Access Manager makes IT staff accountable for changes they make to systems and applications by recording who connected to what system, when and even by recording their login sessions.
- Reliable Authentication:
Requiring IT staff to provide strong proof of identity, using multiple credentials, before they can request, approve or use elevated access.
- Business-appropriate Access:
Pre-authorized access for platform administrators and other frequent users.
- One-time Access to Privileged Accounts:
Grant access to developers, vendors or IT operations staff on a need-to-know basis rather than persistently.
- Connecting Users Without Disclosing Passwords:
Various mechanisms for connecting authorized users to privileged login sessions.
- Forensic Audits:
Hitachi ID Privileged Access Manager can record login sessions to privileged accounts and replay these recordings in the context of a forensic audit.
- Scaling Up:
In large organizations, it is not feasible to configure Hitachi ID Privileged Access Manager manually. Instead, an auto-discovery capability is needed to find servers and accounts where Hitachi ID Privileged Access Manager should randomize passwords and control logins.
- Securing Windows Service Accounts:
Managing passwords on Windows service accounts is challenging because of the need to coordinate password changes among Windows, Active Directory, Service Control Manager and more. Hitachi ID Privileged Access Manager automates this process and allows organizations to frequently change service account passwords.
- Securing Embedded Accounts:
Hitachi ID Privileged Access Manager includes an API designed to enable applications to replace embedded, plaintext passwords with secure access to the vault.