Privileged access management (PAM) vendor ThycoticCentrify has unveiled enhanced security, automation and design in its award-winning Secret Server cloud identity manager.
According to Brad Shewmake, writing for ThycoticCentrify, this version of Secret Server enables rotation of the master encryption keys used and offers a “streamlined” connection process for jump boxes that protect access to critical resources.
“Rotating individual secrets housed within the digital vault provides an additional layer of protection to block external actors,” Shewmake said.
“[And] rather than taking time to inject unique credentials at every connection point, users can now use a single key to navigate an entire route from launch, to jump box, to destination, within a single session.”
Shewmake said that checkout enhancements mean only one privileged user at a time is permitted to use a secret. Secrets for API connections are automatically checked in post-expiration. This should ease auditing and compliance.
“When secrets aren’t checked back in to Secret Server after use, critical maintenance operations can’t be performed and productivity slows,” he said.
“Additionally, users now have more visibility into remaining time on a secret checkout and can extend the checkout if required.”
Other changes have been made to the Secret Server interface, logging, and reporting, with a view to improving usability and accessibility via keyboard navigation and screen reader hints, Shewmake said.
ThycoticCentrify states its focus as about decreasing the number of steps to safeguard secrets, reducing the attack surface area, and administrative workloads.
“According to the Verizon 2021 Data Breach Investigations Report, credentials are the primary means by which bad actors hack into an organisation, with 61% of breaches attributed to compromised credentials,” added Shewmake.