Delinea, a provider of Privileged Access Management (PAM) solutions for seamless security, today announced new enhancements to Secret Server’s Secure Shell (SSH) Cipher Suite and Secure File Transfer Protocol (SFTP) tunneling. Additional disaster recovery enhancements help ensure that Secrets data and permissions are available even during a disruption.
According to the 2022 Verizon Data Breach Investigations Report, 82% of breaches in 2021 involved the human element, including the use of stolen credentials, phishing, misuse, or simply error. Organizations can significantly reduce human-centered risk by centralizing privileged credentials in an encrypted password vault.
SSH Cipher Suite enhancements allow for the customization of the ciphers used when making SSH connections for tasks such as credential discovery, password changes, and heartbeat. Heartbeat monitors passwords and credentials in real time and sends alerts if they are changed outside of the vault or without the user’s knowledge. The new SSH Cipher Suite features enable users to easily configure key exchange, MAC address, and encryption algorithms, allowing organizations to tailor ciphers to their best practices and increasing the security of connections made through the vault. Administrators can also easily remove old or non-approved ciphers, avoiding remediation work if those ciphers are highlighted in a vulnerability scan.
With the addition of a new option for using SFTP tunneling with Filezilla and WinSCP clients, administrators can now transfer files to target machines using either client while keeping credentials safe in the vault. This feature improves file transfer security by avoiding direct access to privileged credentials and gives administrators more flexibility without disrupting their normal workflow.
Expansion of high availability and disaster recovery (HA/DR) features focuses on ensuring access and permissions are available during an outage. This includes the ability to replicate local and domain users, groups, file attachments, and Secret/folder permissions, resulting in a standby vault with all permissions in place. All types of scenarios are supported by HA/DR functionality, including cloud to cloud, on-premises to on-premises, cloud to on-premises, and on-premises to cloud.
“This Secret Server release continues to demonstrate our commitment to providing the most secure and flexible enterprise access controls,” stated Jon Kuhn, SVP of Product Management at Delinea. “Features like SSH Cipher Suite, SFTP tunneling, and enhanced HA/DR further our promise to customers of reducing their risk of a cybersecurity breach without impacting the productivity of their teams.”
This release also includes enhancements to the advanced session recording agent, advancements in the user interface (UI) to improve ease of use, and customized internal communication options through the UI via a configurable global banner.
Organizations can try the latest version of Secret Server for free at https://delinea.com/products/secret-server/.