#ISUCIT.

Slides:



Advertisements
Similar presentations
Chapter 20 Oracle Secure Backup.
Advertisements

Managing Your Organisation’s Portal Team Account Tutorial 7.
Copyright Tom Parker, Ron DiNapoli, Andrea Beesing, Joy Veronneau This work is the intellectual property of the authors. Permission is granted for.
© 2013 IBM Corporation IBM Security Systems 1 © 2013 IBM Corporation Identity Management And Session Recording A Partnership with IBM and ObserveIT.
Privileged Account Management Jason Fehrenbach, Product Manager.
ITS Customer Work Request & Triage Process. Work Request & Triage Process – what is it? Some new terminology: Work Request: A request for support from.
Lesson 17: Configuring Security Policies
IEEE Standards Association Attendance Tool Manager Access.
16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
Access 2007 Product Review. With its improved interface and interactive design capabilities that do not require deep database knowledge, Microsoft Office.
12.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
Report Distribution Report Distribution in PeopleTools 8.4 Doug Ostler & Eric Knapp 7264.
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
Network security policy: best practices
CrackingSiebel.com Utility Siebel Repository Extract (SRE) Tool.
Account Reset Console Delegated and secure self password resets Joe Vachon Sales Engineer.
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.
Copyright © 2007, SAS Institute Inc. All rights reserved. SAS Activity-Based Management Survey Kit (ASK): User Management & Security.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.
SMART Agency Tipsheet Staff List This document focuses on setting up and maintaining program staff. Total Pages: 14 Staff Profile Staff Address Staff Assignment.
Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.
User Manager Pro Suite Taking Control of Your Systems Joe Vachon Sales Engineer November 8, 2007.
SSL, Single Sign On, and External Authentication Presented By Jeff Kelley April 12, 2005.
Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.
Maintaining Network Health. Active Directory Certificate Services Public Key Infrastructure (PKI) Provides assurance that you are communicating with the.
Planning a Microsoft Windows 2000 Administrative Structure Designing default administrative group membership Designing custom administrative groups local.
Module 7 : Configuration I Jong S. Bok
Lecture 5: User Accounts & Directory Service Instructor: Dr. Najla Al-Nabhan
Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?
Session 8 Windows Platform Dina Alkhoudari. Learning Objectives Read Only Domain Controller Active Directory Certificate Service Group Policy.
 1- Definition  2- Helpdesk  3- Asset management  4- Analytics  5- Tools.
19 Copyright © 2008, Oracle. All rights reserved. Security.
SP Business Suite Deployment Kick-off
Review of IT General Controls
Core ELN Training: Office Web Apps (OWA)
Secure Connected Infrastructure
Active Directory Management Software Borna
Centralized Management for Barracuda Networks products
The Marshall University Experience with Implementing Project Server 2003 August 9, 2005 Presented by: Chuck Elliott, M.S. Associate Director, Customer.
Using E-Business Suite Attachments
Module Overview Installing and Configuring a Network Policy Server
Introduction to Operating Systems
2016 Citrix presentation.
Document & Web Content Management
Control system network security issues and recommendations
Radius, LDAP, Radius used in Authenticating Users
To Join the Teleconference
Network Services.
BOMGAR REMOTE SUPPORT Karl Lankford
CIS 333Competitive Success/tutorialrank.com
CIS 333 Education for Service-- tutorialrank.com.
Briefing Session Guide
Unit 27: Network Operating Systems
What Is Sharepoint? Mohsen Ashkboos
Cloud Connect Seamlessly
Unit 7 NT1330 Client-Server Networking II Date: 7/26/2016
The Dirty Business of Auditing
Offices: DC, London, Sydney
Oracle Sales Cloud Sales campaign
Getting Started.
Getting Started.
BACHELOR’S THESIS DEFENSE
BACHELOR’S THESIS DEFENSE
BACHELOR’S THESIS DEFENSE
Security - Forms Authentication
Presentation transcript:

#ISUCIT

Overcoming the Perils of Password Sharing Doug Wood #ISUCIT

Administrative passwords are literally ‘aplenty’ in the enterprise Administrative passwords are literally ‘aplenty’ in the enterprise. They are mostly insecurely shared and lie scattered in the enterprise leaving little scope for any internal controls. Though the security and operational problems caused by shared administrative passwords are so obvious, no organization can afford to eliminate them altogether. This session presents Password Manager Pro, an effective way to meet this challenge and its importance as an effective Shared Account Password Management system. #ISUCIT

Challenge of Shared Passwords Administrative passwords are omnipresent and are used to sustain operations through their use in servers, network devices, databases, and other applications where privileged access is required. As an institution, we have many of these administrative privileged accounts used in shared environments. That means, a group of administrators may use a common privileged account access a particular resource. Therefore these accounts are accessible to all the members of the team. It is always good to avoid sharing administrative passwords. Practical needs of the university require selective sharing of administrative passwords without compromising security. #ISUCIT

Traditional Password Management Passwords may be being maintained in text files, spreadsheets, homegrown tools, or physical vaults. Using these type of methods leads to unintended sharing of passwords. Developers having full access to database passwords, UNIX administration team having full access to Windows passwords and so on. #ISUCIT

Security Threats and Drawbacks It is common for administrators assigning familiar words or short phrases as passwords, for ease of use. Passwords of resources changed and, without close cooperation among administrators, could affect daily operations. If a text file or spreadsheet containing shared administrative passwords reaches the hands of a malicious party, data security and the reputation of the institution could be adversely affected. Who has access to what resources. The traditional password management approach has no provision for this. #ISUCIT

Shared Account Password Management Password Manager Pro is an on premise web-based, Shared Account Password Management solution to control the access to shared administrative passwords and privileged accounts of any resource. This enables IT administrators to enforce standard password management practices of maintaining a central repository of passwords, usage of strong passwords, and aid in controlling access to these shared administrative passwords and privileged accounts. #ISUCIT

Password Manager Pro Access Roles Password Manager Pro is accessed with an Active Directory user id and is assigned an access role. The access role defines the operations that can be performed. Administrator – manage the PMP application and perform all the resource and password operations. They only see resources and passwords they created and the passwords that are shared to them by others. Password Administrator - perform all the resource and password operations within the resource groups assigned to them. They only see resources and passwords they created and the passwords that are shared to them by others. Password User – Only see passwords that are shared to them by an Administrator or Password Administrator. Password Auditor – Same privileges as Password User with the addition of access to audit records and reports. Number of Administrators and Password Administrators limited by licensing. No restriction on the number of Password Users. #ISUCIT

Password Manager Pro Home Page #ISUCIT

Resources and Passwords Resources are shared administrative passwords or privileged accounts used in servers, databases, network devices, applications, service accounts etc. Passwords may either be displayed or copied the clipboard to be pasted into the password field of an SSH or RDP terminal session. #ISUCIT

Resources Groups Resources may be grouped together for easier management. The groupings can be done by specifying a criteria, when a new resource is added is becomes part of that group. Resource groups may be shared with other users or user groups. Users who have shared access to the group can see passwords of the resources within the resource group. #ISUCIT

Password Manager Pro Access How do I get PMP? If you are wanting to obtain access for your support group, you will need to do the following: Contact the AT Business Office to request a PMP administrator license. Submit a Cherwell ticket to AT ION Infrastructure Apps requesting access for your support group. A PMP Administrator from AT ION Infrastructure Apps will then contact you to schedule a time to setup, configure and provide more detailed documentation. #ISUCIT

Questions #ISUCIT

#ISUCIT

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.