自動化特權存取管理和安全平台

我們努力確保公司對行為和特權信息的擁有主權。為此,我們通過跟踪管理員對網絡、伺服器、數據庫和大量設備的操作來防止數據被盜。此外,我們追求符合審計要求和最苛刻的標準,包括 PCI DSS、Sarbanes-Oxley、ISO 27001 和 HIPAA。

Access Management (PAM)
Manage the full cycle of high privilege credentials.

      What it is

Centralized access management, with the purpose of protecting and controlling the use of generic and high privilege credentials, providing secure storage, access segregation and full traceability of use.

      Benefits

  • Operational gain in the password change process;
  • Guaranteed password delivery in a secure and controlled manner;
  • Transparent authentication on the target system or network device without displaying the password to network administrators or third parties.

      How it works

By configuring Access Groups, you can define the administrator users who will have permission to receive a physical access password, and the group of users who can use the remote access offered by the solution to access a target device or system. All cases may follow approval workflows and reasons provided by the requesting user.

      Features

  • Secure storage of credentials and passwords;
  • Definition of groups for access segregation based on user profiles;
  • Flexibility in the approval process for access to privileged accounts (pre-approved accesses, accesses with single or multiple approval);
  • Possibility of more than one user requesting access to the same privileged account, without compromising usage traceability;
  • Emergency access for immediate password viewing, with reason request and alert to responsible parties if the approver is unavailable;
  • Dual password custody to ensure more than one presence in the access;
  • Integration with the Help Desk and Change Management tools to validate the reason provided by the requesting user;
  • Passwords change according to predetermined time of use or after consultation;
  • Automated password change on the main technological platforms, such as network, servers, database, web applications, and security equipment.

      Technical features

  • Password storage using strong encryption standards (AES 256, SHA 256, RSA 2048 bits or higher and FIPS 140-2), and also using HSM devices;
  • Integration with leading directory services for managing groups and access profiles, and thus controlling credential use.