ThycoticCentrify Secret Server updates with simplified secrets management

News Desk -

Share

Secret Server, ThycoticCentrify’s award-winning PAM solution, now has new and enhanced capabilities. Secret Server enhances its industry-leading secrets management features and ease-of-use with additional security controls, automation, and design upgrades, resulting in increased security and efficiency.

Credentials are the primary mechanism by which bad actors hack into a business, according to the Verizon 2021 Data Breach Investigations Report, with 61 percent of breaches linked to compromised credentials. To mitigate this risk, all firms, regardless of size, location, or industry, must implement powerful, user-friendly solutions to safeguard the accounts and credentials that grant access to these capabilities.

“Our continued focus on decreasing the steps required to safeguard secrets reduces the workload on security administrators and the attack surface area,” said Jon Kuhn, SVP of Product Management at ThycoticCentrify.

He added, “As an example, our master encryption key rotation capability is simple to implement and provides an additional layer of protection to block external actors from gaining access to all the other keys stored on the platform.”

Stronger security controls reduce risk

Secret Server’s master encryption key can now be rotated on demand, according to the current update. Individual secrets rotated within the digital vault give an extra degree of security, preventing external entities from obtaining access to it.

Secret Server also makes it easier for enterprises who utilise jump boxes to secure access to vital resources to connect. Rather of spending time injecting new credentials at each connection point, customers may now browse a full path in a single session, from launch to jump box to destination. Users can start the end-to-end route using Secret Server or the Connection Manager session management tool’s interface.

Checkout enhancements remove bottlenecks

Secret Server ensures that only one privileged user can utilise a secret at a time to improve auditing and compliance. When secrets aren’t checked back in to Secret Server after they’ve been used, key maintenance activities can’t be completed, and productivity suffers. After an API connection’s secrets have expired, the current release automatically checks them in.

Additionally, users now have a better understanding of how much time is left on a private checkout and can extend it if necessary.

Improved keyboard navigation and screen reader suggestions are included in the current edition, as well as improvements to the Secret Server interface, logging, and reporting to improve usability and accessibility.