Forensic Audits - Hitachi ID Privileged Access Manager
In rare instances, an administrator is caught doing harm and is
consequently terminated. When this happens, all of the administrator's
past actions come into question and need to be reviewed carefully.
This is a forensic audits. Without special technology deployed
in advance, forensic audits can be quite difficult to carry out
and will only yield limited results.
- Privileged Access Manager includes a session monitoring capability, that
records administrative logins to privileged accounts.
- When to enable session recording and the scope of the recoding
(i.e., just the login window, the administrator's whole desktop,
webcam snapshots, etc.) is a configured through policy.
- By default, session recordings are archived indefinitely.
- String access controls and workflow approvals protect
recordings against unauthorized search and playback.
Using Privileged Access Manager, administrator actions can be recorded, archived
and played back, creating detailed accountability.