wonderfully unique software solutions

How automated password processing can take local admin management global

Global security software firm Trend Micro has eased the pains of password management by adopting Thycotic Secret Server, an automated solution that manages account password changes across multiple local administrators.

According to Peter Yu, corporate IT operations manager at Trend Micro, said that with 6000 staff across more than 50 countries, it needs to manage hundreds of Active Directory services accounts across its worldwide network. Meanwhile, security policies require staff to regularly change their passwords to all service accounts.

Like in many other organisations, service accounts such as Windows Service, Task Scheduler and IIS Application Pools were configured in multiple locations and manually managed. To solve the challenge, Trend Micro implemented Thycotic Secret Server.

“Secret Server saves us a huge number of hours every month, while increasing the predictiblty of password changes and helping meet our policy compliance obligations,” Yu said.

To rotate passwords for Service Account owners must know every place the service sccount is in use, go there, change its password, and assume that the password is correct for every place the account is being used, Thycotic explains in the related case study.

Besides the potential risk of human error, manual password processes placed a significant burden on the service account owner’s time and effort in order to comply with polices and maintain proper password hygiene.

Thycotic Secret Server has enabled full automation of password processing – including regularly scheduled password changes, with the account owner only needing to monitor the resultant change, instead of changing the passwords manually.

Another benefit is the ability to discover all the service accounts on a customer network and the dependent services, tasks and app pools, determining where each service account is being used (and new usages since the last scan), and import all service accounts into the Secret Server repository for management and auditing.

“The IT team can take advantage of permissions and audit trails to lock down access to these accounts and understand how they’re being used. Secret Server also has powerful security control features such as Request Access that allows the enforcement of a workflow on users trying to access service accounts,” Thycotic explains.

“In addition, Secret Server can record any sessions that users launch using a service account and keep track of any keystrokes during those sessions.”

Recent Articles

Hornetsecurity expands M365 cloud security offer with Vade deal

Cloud email security provider Hornetsecurity has added a partnership with Vade, increasing focus on answering data sovereignty requirements with best-in-class cloud, compliance...

Cross-browser testing provider BrowserStack named Microsoft ‘partner of choice’

Software testing platform provider BrowserStack has announced a strategic partnership with Microsoft to support Visual Studio App Center users transitioning to BrowserStack...

JetBrains rolls out full-line code completion for its IDEs

Developer tools company JetBrains has added to its AI-enablement tools with full-line code completion for its integrated development environments (IDEs), separate to...

OpenText renews X12 supply-chain data standards partnership

Enterprise information management (EIM) software vendor OpenText is renewing its partner licensing agreement with the X12 electronic data interchange (EDI) standards organisation.

LiveAction NPM performance extended for Cisco unified server users

Network intelligence from vendor LiveAction has been certified to work with high performance Cisco servers, increasing availability of its packet data and...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox