ERPM makes it easy for you to manage privileged account passwords on hardware, databases, applications, services and more - helping you comply with corporate policies and meet IT regulatory requirements.
Today's regulatory mandates – including PCI DSS, SOX, HIPAA and others – require your privileged account passwords to be sufficiently unique, complex, and frequently changed.
Passwords are automatically randomized after use and can be changed on a scheduled basis, with the options for scheduling being immediately, every hour, every day, every week, every month, every year or every n hours/days. The job can also be given a window of time to run (e.g. 1-3 AM).
This enterprise password management solution helps you schedule and monitor password changes with a minimum of effort, and lets you properly handle exceptions (in the event of a network issue or if a target system goes offline) so that any issues are reported, alerted and addressed.
Password constraints are configurable and control the password length and complexity. You can select which symbols to use or exclude, whether the password may contain upper/lower case letters, symbols, or numbers. You may select the positioning of characters/numbers/symbols within the password itself, and you may require a minimum number of upper/lower case characters, numbers or symbols. With ERPM, passwords can be up to 127 characters in length, if/as allowed by the system being managed.
With ERPM your passwords are encrypted in a backend database, with options that include military-grade AES encryption, a FIPS 140-2 software encryption module, higher levels of FIPS 140-2 compliance, and support for Hardware Security Modules (HSMs) that use PKCS#11. ERPM also takes advantage of SSL encryption between its distributed modules, and between its web application and users' machines, to protect passwords and other sensitive information.
ERPM does not perform any of its own networking and does not require agents to manage privileged identities on servers, workstations, and devices. ERPM commands its local host to perform connections and issue remote commands. All networking is a result of Windows to Windows communications for Windows based targets and therefore follows the same rules and protocols, or via SSH 2.0 or Telnet connections to non-Windows platforms.
Administrators can quickly retrieve passwords for systems/ devices/ applications/ databases they are authorized to manage via a secure web portal. You may configure the web application to allow users to view passwords or simply log them into the target system via RDP/SSH/Telnet without ever displaying the password.
Contact us to learn more about how Lieberman Software can help you secure your organization's privileged accounts.