Contents |
In this age of IT revolution, most business applications deal with sensitive intellectual property and strategic information that are critical to the success and even survival of the enterprise. User access control systems are in place almost everywhere to protect the intellectual property.
Over a period of time at work, even a normal user acquires an amazing number of user accounts. Still more complex is the work of Network Administrators and System Administrators who deal with hundreds of passwords at various levels. Consequently, it becomes a daunting task for anyone to keep track of all the passwords. Users tend to store the user name and password information somewhere in their system locally or in a central location when multiple administrators need to use the information.
As System and Network Administrators mostly deal with sensitive administrative passwords, also known as privileged passwords, which provide complete access to all sensitive applications and data, any mismanagement of such passwords would result in a huge security risk exposing the applications to misuse and attacks by identity thieves.
The way out is the use of a secure password management solution that enables secure storage of administrative passwords offering the flexibility to share them among multiple users based on fine-grained user authorization.
ManageEngine PAM360 is a Password Management Solution for Enterprises to manage the administrative/privileged passwords. It serves as a centralized repository for storing user names and passwords of any 'network resource' such as a network device, a desktop server, an application et al.
PAM360 serves not just as a secure password repository, but offers a complete Password Management solution. Using PAM360, one can store all passwords in encrypted form in the database and achieve role-based access control for users. That is, administrators can centrally create users, assign them with specific roles and define access levels. Only authorized users will get access to view, edit or manage the permitted 'resources' (the resources assigned to them) based on their role. Thus, PAM360 facilitates encrypted storage and secure sharing of passwords in enterprises where multiple users will have access to multiple resources. The user account information and passwords can be accessed from a central web interface.
PAM360 helps in achieving password reset too. Existing passwords of remote resources can be changed from PAM360 itself and the changed passwords are stored in the repository. The comprehensive auditing mechanism of PAM360 helps in tracking who changed what and when, thereby ensuring accountability in multi-member environment.
Centralized, administrative password management
Manage shared administrative passwords
A-to-A, A-to-DB password management
Password encryption using AES algorithm
Provision for importing users from AD, LDAP and leveraging AD/LDAP authentication
Provision for smart card authentication
Role-based access control for users
Password access control workflow
Super administrator Support
Remote password reset
Windows service account reset
Post password reset script execution
Privileged Session Management
Automatically connecting to servers and applications from PAM360 GUI
Setting password expiry dates
Real-time notifications for password events
Two-factor Authentication for enhanced security
High availability
Password generator that helps in generating hard-to-guess passwords
Password policy definition and enforcement
Comprehensive audit mechanism recording all user operations for all resources
Informative reports. Provision for creating custom reports, which helps in meeting regulatory compliance requirements
Tools for scheduled backup of database and disaster recovery
Provision for storing the passwords for personal use such as Email account information, Credit Card Numbers, PIN etc.
Access from anywhere through web browser
Anytime, anywhere access through mobile app
Ensuring the secure storage of passwords and offering high defense against
intrusion are the mandatory requirements of PAM360. The following measures
ensure the high level security for the passwords:
Passwords entered are encrypted using the Advanced Encryption Standard (AES) and
stored in the Database. So, hacking of passwords from the database, is
highly improbable. AES has been adopted as an encryption standard by the
U.S. Government
Role-based, fine-grained user authentication mechanism
ensures that the users are allowed to view the passwords based on the
authorization provided
All transactions through the PAM360 browser take place through HTTPS
Refer to Security Specifications document for more details.
This Help Documentation contains two parts:
Installation
& Getting Started provides information on how to install PAM360,
how to connect Web Interface and start working with the solution
Working with PAM360 provides information about the workflow in PAM360. The subsequent topics provide information on the arrangement of the various tabs in PAM360 Web Interface through which various Password Management operations could be performed. This also deals with the prerequisite browser settings and important terminologies used in the product.
© 2009, ZOHO Corp. All Rights Reserved.