Privilege Password Management

Managing a password is about creating a complex password, changing it periodically, and not duplicating within or across the systems. Although the level of complexity and the frequency will vary from one organization to another, the goal is simple ... keep out the unauthorized users.

While most organizations would have a policy in place, enforcing the policy (and maintaining it) is not as simple as it sounds. Thus, the need for a solution that automated this process, i.e. to create the complex password (uppercase, lowercase, special character, number) and to change it periodically, as per the organization's policy.

In addition to doing all this, SecureKi also has an option (request change password) that changes the password (after a policy defined "x" minutes) upon a password request. This ensures that the passwords are kept as unbreakable as possible. And to further secure the access, the solution provides a multifactor authentication (either with an OTP or a bio-metric authentication).


Advanced Credential Management

Advanced Credential Management provides Identity Infrastructure Single-Sign On with OTP verification without exposing credential.

Server

ACM for Server supports across the breath of operating systems like Windows, UNIX/Linux, Tandem, AS400 and Mainframe (physical and virtual), agentless. Firstly, ACM for Server manages the passwords automatically (based on policy) by creating complex passwords and changing it periodically. It then provides a convenient, but highly secure, Single Sign-On with a multi-factor autheantication (either with an OTP or a bio-metric authentication). Having accessed into the systems, Smart Analytics monitors and records all sessions to provide real-time monitoring (with a remote "kill" session) and playback review. Additionally, Sudo Management allows further control over the user's privileges. File transfers (SFTP and FTP) are also managed in the similar manner.

Network

ACM for Network support practically all of the popular vendor in the market, agentless. Firstly, ACM for Server manages the passwords automatically (based on policy) by creating complex passwords and changing it periodically. It then provides a convenient, but highly secure, Single Sign-On with a multi-factor authentication (either with an OTP or a bio-metric authentication). Having accessed into the systems, Smart Analytics monitors and records all sessions to provide real-time monitoring (with a remote "kill" session) and playback review. Additionally, Sudo Management allows further control over the user's privileges.

Application

Whether it is a Web application or a Client-Server application, ACM for Application can be implemented very quickly with minimum of effort. It has a PUSH/PULL technology that even manages hard-coded application passwords that may be stored in a database, configuration file, an external temp file, etc. It then provides a convenient, but highly secure, Single Sign-On with a multi-factor authentication (either with an OTP or a bio-metric authentication).

Database

By typically using the native database connector, ACM for Database has OTTB support for databases (like Oracle, MYSQL, MSSQL, Sybase, Altibase, Tibero, etc.) for the password management. As customers may choose to login to the database using different tools (and versions), SecureKi will work with the customer to support the Single Sign-On feature as well, with the minimum of effort required.

IOT

In the Internet of things, role of credential management is expanding. It is no longer just about identifying people and managing their access to different types of data (i.e. sensitive data, non-sensitive data, device data, etc.). In the IoT world, credential management must be able to authenticate devices, sensors, monitors, and manage their access to sensitive and non-sensitive data.

As a leading provider of credential management solutions, SecureKi delivers the end-to-end solution needed for device identity and privilege access management for IoT sensors , Internet Gateways, Edge IT and Data Center/Cloud. 

Security Appliances

ACM for Security Appliances support practically all of the popular vendor in the market, agentless. Firstly, ACM for Server manages the passwords automatically (based on policy) by creating complex passwords and changing it periodically. It then provides a convenient, but highly secure, Single Sign-On with a multi-factor authentication (either with an OTP or a bio-metric authentication).


Single Sign-On

The attraction of the concept of a Single Sign-On is to increase the level of convenience so that only one set of login credentials is required to access multiple targets. However, from a security point of view, the implication is that if this one authentication is breached, the intruder now has the keys to your kingdom.

SecureKi addresses this predicament of maintaining the highest level of security (while providing the convenience of SSO) by incorporating a multi-factor authentication. This authentication may be with an OTP or a bio-metric. Additionally, the access can further be restricted to specific IP(s) and/or subnet IP range.

Without the need to manage the login credentials (now automatically managed by the Privilege Password Management), this provides a totally complete, highly secure and yet, convenient credential management solution.


Smart Analytic

SecureKi provides a Session Monitoring feature that covers both CLI and GUI modes.

For a CLI, this covers a real-time viewing (keystroke by keystroke) of the session, as well as a historical playback review. For a GUI, screen grabs are taken based on keyboard or mouse activity (i.e. not time based) which can be viewed individually or played like a image stream.

In either case, there is a remote "kill" session in case there is a need to terminate the session immediately. Also, the search filtering feature allows you to very quickly zoom down to the specific session(s) that meet the search criteria.

Finally, the event logs can be reviewed within the solution, or integrated to a SIEM solution.


Multifactor Authentication

- VPN & Remote Access with OTP
- Bio-metric Authentication with Palm Vein Scanner

SecureKi supports 2 technologies options:

OTP (one-time password) authentication

SecureKi provides a OTP mobile app for your iPhone or Android smartphone. This mobile app will generate a random 6-digit number every 60 seconds (i.e. 1 million combinations every 60 seconds) and this number is used to authenticate the user into the target system, and in the case of a Command Control, to authenticate that the user is allowed to execute the command.

Bio-metric authentication

SecureKi provides a Palm Vein Scanner option that is an ergonomic and an extremely highly secure bio-metric solution to be used as a multifactor authentication. This could be a necessity in locations where mobile devices are not permitted (i.e. no OTP), or where justification is due to the extremely highly sensitive data, or high valued transactions, etc.


Sudo Management

Allowing the user to log in as an all-powerful administrative user is a security nightmare. Yet, this is almost always requested by vendors and very commonly a necessity. SecureKi addresses this by allowing a policy definable list of commands to be imposed onto any of users (e.g. root user in a UNIX server). This could be in a Black or White list, with a further sub-category of Block, OTP, Notify, and Confirm.

By logically grouping these commands into Command Control Groups (e.g. for a server vendor, a network vendor, by location, etc.), its implementation is extremely quick and flexible.

An attempt to execute any one of these commands creates an event log, which can be reviewed within the solution, or integrated to a SIEM solution.

Enterprise passwords are the keys to your IT kingdom.
Guarantee your Password Security with SecureKi

Need Visibility & Control ?