Native replication features in Oracle and Microsoft databases do
not meet all of the above conditions, so application-level
replication is preferable. Hitachi ID Privileged Access Manager includes appropriate
replication technology out of the box.
Background: Securing Privileged Accounts
Consider an organization which operates 1000 servers and where there
are 5 administrator-level accounts on each server. To secure these,
a privileged access management system may choose a new, random
password for each of the 5000 accounts daily. This process improves
Ensuring that users only know the sensitive passwords they need
to do their jobs.
Compromise of a single password / login ID / system does not
lead to compromise of any other systems.
Limiting the time period during which a user has administrative
In other words, randomizing privileged passwords daily supports
basic security principles:
Users who need access to a privileged account must first authenticate
themselves, before connecting to the application or server in question.
The privileged access management system has an opportunity to apply
access control rules and/or approval processes before connecting the
All sessions are logged, making IT users accountable
for changes made on systems to which they had privileged access.