The first step in managing privileged accounts is finding the accounts you don’t know exist. Manual processes and errors can lead to accounts that are unknown and unmanaged by IT. With IBM Security Secret Server, you can automatically scan your entire IT infrastructure to discover privileged, shared, and service accounts. This sensitive information is then stored in an encrypted centralized vault to ensure proper protection using advanced encryption standards. Password policies can be implemented and enforced on every account. You’ll gain full visibility and control over every privileged account in your environment.
Curb privileged access sprawl
When you discover all privileged accounts across your infrastructure using IBM Secret Server, you identify all service, application, administrator and root accounts. This means you gain total visibility and control over privileged credentials that previously went undetected.
Generate, store, rotate and manage SSH Keys
Bring the generation, rotation, control and protection of SSH keys directly into IBM Secret Server. SSH Keys are similar to usernames and passwords but are used for automated processes and for implementing single sign-on by system administrators. With Role-Based Access Control and permission sets, you can control who has access to which sets of keys, regardless of location or IP address.
Monitor and record privileged sessions
Know every keystroke a user takes. IBM Secret Server enables real-time session monitoring and allows you to terminate a session if risky behaviour is detected. It also allows you to record privileged user activity. This provides an audit trail from when the user checks out a secret, to what they did on the system, to when they finally log off. Gain full insight into what’s going on in your most critical accounts.
Change passwords automatically when they expire
Privileged passwords should be changed regularly. IBM Secret Server’s built-in password changing and expiration schedules ensure that critical passwords are changed automatically, without manual intervention.
Delegate access to all privileged accounts
Maintain accountability and provide better context to approvers, so they know exactly why a user needs access. You can also set up role-based access control (RBAC) and an approval workflow that enables transparent access, time restrictions and other parameters of that access and password approval for third parties.
With IBM Secret Server you’ll gain full visibility and control over every privileged account.
You’ll know if someone adds backdoor access or makes an unauthorized configuration change.
You can identify who accesses a system, review the actions they take and react accordingly. Session monitoring and recording also gives you a complete audit trail.
Enhanced auditing and reporting
Utilize dozens of out-of-the-box reports for better insight into system health and compliance. You can generate full reports on password vault activity and create custom reports from database queries as needed.
Integrate IBM Secret Server for enhanced security
IBM Secret Server integrates seamlessly with critical IBM Security solutions, including IBM Cloud Identity, QRadar®, Guardium® Data Protection and IBM Security Identity Governance & Intelligence.