Enterprise Random Password Manager™ (ERPM) integrates with both McAfee ePolicy Orchestrator (ePO™) and Enterprise Security Manager (ESM) to provide enhanced Security Risk and Compliance capabilities, correlate security and event data, and give oversight control of elevated privileged accounts.
Managing ePO Privileged Account Credentials
ERPM is the first product capable of enabling secure check-in/check-out of privileged account credentials directly from the McAfee ePO web-based interface, and the first to deliver identity and configuration data enrichment for ePO.
The credentials used to access systems in many McAfee ePO software installations often remain unchanged, despite security best practice and regulatory compliance mandates that require access to sensitive data through these accounts only on a "need to know" basis.
ERPM helps you secure sensitive data by removing anonymous access to McAfee ePO software. The Lieberman Software product provides a model in which sensitive logins are controlled and passwords automatically revoked immediately after delegated IT personnel complete their work.
The Lieberman Software - ePO integration process includes:
- ePO user selects a machine for which privileged credentials are required
- ePO user selects an account from a list generated by ERPM
- The password for that account is delivered immediately, or a request for approval is generated
- After the work on the machine is completed, the credential can be checked-in, or the check-in is performed automatically after a fixed period of time
- All access to credentials is controlled and audited; ePO accounts are mapped to an enterprise account for authorization
- After credentials are issued they are automatically changed in the background to ensure that each user is accountable for their access during the designated period of time
Recover Specific Account Password from a Machine with ERPM. (Click to enlarge.)
Identity and Configuration Data Enrichment for ePO
The integrations also provide detailed data to ePO about the privileged credentials that are automatically discovered and tracked on each system by the Lieberman Software products.
McAfee Enterprise Security Manager (ESM) Integration
ERPM works with McAfee ESM to correlate security and event data and provide oversight control of elevated privileged accounts. ERPM password check-out/check-in actions and credential changes are seen in the McAfee ESM system, along with successful and failed password verifications.
The McAfee ESM system tracks and correlates privileged account activities, letting users monitor and respond to issues from within the McAfee ESM interface. Customers can observe the actions taken by privileged users and pass this information along to security auditors. The combined technologies provide enterprises with enhanced monitoring, visibility and management of their powerful privileged accounts.
McAfee SIA Partnership
Lieberman Software is a member of the McAfee Security Innovation Alliance (SIA) program.
For more information on how Lieberman Software's McAfee ePO integrations can help secure your organization, contact an account manager.