Privileged Access Management
Permanently Separate People From Passwords
Every IT estate is managed by privileged users – users granted elevated control through accessing privileged accounts to ensure that the uptime, performance, resources and security of the computers meet the needs of the business. The PxM Platform’s Privileged Access Management addresses both security and compliance requirements by defining who gets access to what and when.
Privileged account abuse presents one of today’s most critical security challenges. Uncontrolled access by insiders or even contractors to these accounts leaves an organisation vulnerable to data leaks and cyber-attacks – ultimately causing irreparable damage to both the business and its’ reputation.
The PxM Platform’s Password Lifecycle Management ensures that all managed passwords are as strong as possible. Additionally, full break glass and rollback features allow the PxM Platform to cope seamlessly with devices that leave the network or are restored from backups.
What is Privileged Access Management?
find out in 3 minutes
See the team demonstrating why SysAdmins should choose Osirium’s Privileged Access Management solution.
The PxM Platform's Privileged Access Management enables every privileged account on every device to be given a particular, defined state - allowing you to start using the PxM Platform without making any changes to your device estate. From here you can incorporate security and compliance through mapping who can use these accounts, and what happens to the passwords used to access them.
Password Lifecycle Management
The PxM Platform's passwords meet the maximum complexity permitted by each device - mitigating any brute-force attacks. Password cycling can be both scheduled or event-based - giving you maximum control across your IT estate.
Rules can be defined per-device; ensuring that password compliance policies are not only met but exceeded. Individual passwords are used for every PxM Platform managed account, meaning users cannot move laterally without permission.
The PxM Platform provides a full audit trail to show who has accessed what, where, when and how, along with a full detail of the identity to role mapping used.
This gives every audit trail created by the device personalised details - rendering this information immeasurably more valuable to SIEM systems. This allows for seamlessly augmented integration with existing solutions, fully eliminating the need for any manual cross-referencing.
Strong Authentication Support
SysAdmins can log into the PxM Platform using their existing standard account username and password. Alternatively, two factor or token-based authentication via RADIUS is available for stronger authentication options.
Least Privileged Model
The PxM Platform applies a least-privilege security posture - ensuring that each privileged role, particularly 3rd party service providers are given no more privilege than is necessary for them to fulfil their jobs.
Multi-active Directory Support
The PxM Platform handles access to Windows Workstations and Servers within multiple domains - provisioning accounts into the correct AD domain and utilising Single Sign-On with the correct domain account.
No agents need be installed, nor is any reconfiguration necessary on devices, servers or within desktop applications - eliminating the costly process of arranging and maintaining update programmes.
In the event of a system restore, password rollback ensures that device access is possible at all times by simply rolling back the password schedule to match the restored schedule.
When enabled, any connection or task will require a valid change or incident ticket before execution, allowing further integration with ServiceNow’s ticket validation services.
Template-based Device Support
Many devices are supported out of the box, but additional device support can be easily implemented through the creation of template files from directly within the PxM platform.