Privileged access management (PAM) software vendor Delinea has rolled out an update to its flagship Secret Server tool that will add another layer of security to its enforced multi-factor authentication (MFA) at log-in.
Phil Calvin, chief product officer at Delinea, indicated that this additional security could reduce risk to the credentials themselves, helping organisations meet “increasingly stringent” compliance requirements.
“Enabling MFA enforcement at multiple levels of vault access is another line of defence against bad actors while supporting PAM security best practices,” Calvin said in the announcement.
Delinea did not offer details, but noted that IT and security teams need an additional layer of security controls for “extra identity verification on highly privileged accounts” to protect their organisations.
This new functionality is designed for ease of use and enables IT and security teams to quickly add different security requirements on individual privileged credentials beyond MFA at log-in, the company said in its announcement.
“It also provides the flexibility to enforce MFA on a single credential, multiple credentials via bulk operation, or all credentials in a folder via a policy,” it said.
“An additional layer of security further down the attack chain increases access controls on highly privileged accounts if the user’s credentials and preferred MFA method used at log-in become compromised.”
The new Secret Server supports different MFA offerings, including Delinea Mobile App, Yubikey, and other devices using FIDO2 passwordless authentication protocols.
According to Delinea, studies suggest that stolen credentials and human error continue to be among the most common ways that cyber-criminals access systems and data, with around eight in ten organisational breaches involving stolen credentials.
“In a recent Delinea survey report, 47% of respondents indicated they needed to purchase an MFA enforcement solution to meet cyber insurance requirements,” the company added.