|In enterprises, quite often, many administrators might be accessing a system in production environment concurrently.
They might be attempting to carry out conflicting operations, unconnected tasks or even trying the same activity.
In the absence of proper planning and coordination, such concurrent access on IT resources could affect the integrity of data/information, lead to
conflicts, duplication of effort and a troublesome assortment of other issues.
For instance, two administrators might be attempting registry edits on the same system concurrently.
Conflicts during this operation might lead to costly damages.
In other cases, for certain sensitive IT resources in production, there might be requirements to grant exclusive, time-limited access to a particular administrator.
During that period, no one else should be allowed access to that resource.
But, without a proper tool, the above tasks are far easier said than done.
Controlling access to privileged passwords
One of the
best ways to tackle the above scenario is to control the access to privileged passwords and thereby check access to the IT resource.
You can deploy a Shared Account Password Manager and store all the administrative passwords in a centralized repository.
Administrators can be granted access to the passwords strictly based on job responsibilities and requirements.
Manager Pro from ManageEngine provides a perfect solution to control concurrent access to resources and also to grant exclusive, time-limited access to select administrators.
The ‘Access Control Workflow‘ feature of Password Manager pro helps achieve
Concurrency Controls with ease.
A specific password could be made available for the exclusive use of a particular user for a specified time during which, no one else - even the owner of the resource would be allowed to view the password.
For Example, if you specify the time period as
two hours, the password would be made available exclusively for that user for two hours.
Others cannot view the password during that period.
After the specified time period, the password would become void and will not be available to the user.
In addition, the password will be automatically randomized.
Later, other users will now be able to view the passwords thereafter.
In case, an emergency need arises to revoke the exclusive permission to the user, administrator can forcefully check in the password at any point of time.