Skip to main content

Implementing privileged access management

Large organizations may have thousands of workstations, and hundreds of servers and applications running on multiple platforms. This complexity leads to numerous security problems.

IT assets often have multiple sensitive passwords such as administrator passwords, service passwords, application passwords. These passwords commonly do not have expiry enabled, although they should. Changing these passwords can be time-consuming because of the large number of IT assets, users who need to know the passwords, and configuration interfaces, scripts, or programs that may contain hard coded passwords.

Bravura Privilege secures target system credential passwords on servers and workstations by periodically randomizing them, while maintaining the ability of IT staff to retrieve current credentials for devices into which they must log in. You can also use Bravura Privilege to store passwords for managed systems that must be managed manually.

Bravura Privilege has the following features:

  • Frequent password randomization eliminates static, shared passwords and controls former IT staff knowledge of passwords

  • Access controls limit who can see passwords

  • Logging and reporting of access disclosure facilitates audit compliance and faster troubleshooting

  • Encryption secures passwords in storage and transit so that physical compromise will not expose passwords

  • Replication ensures passwords are stored on multiple servers in different sites so that password access and security survives server failures or site disasters

  • Trusted SSH key management eliminates the use of passwords when accessing accounts on Unix systems

In this section: