Sneak Peek: New Secret Server features only at RSA Conference 2014

20 02 2014

2014 marks Thycotic’s 5th year exhibiting at the RSA cybersecurity conference. RSA is one of the largest gatherings of IT security professionals and analysts in North America. This year, the conference takes place February 24-28th 2014 at the Moscone Center.

RSA Conference 2014

Thycotic to unveil new Secret Server features

We’re excited to demonstrate not-yet-published Secret Server features before they’re officially released at booth 415 during RSA expo hours. Our team will also give demos of our other IT products and are available to answer any questions you have on our products or password management best practices. Product Manager Ben Yoder and CEO Jonathan Cogley will be there, as well as many more of our great team. Look for our 20X20 black and green booth, you can’t miss us!

What to expect from RSA

Informations sessions cover a variety of security hot topics: hackers and threats, governance, risk and compliance, cryptography, data privacy and more. IT security professionals come eager to discover the latest in security technology, debate fiery issues and mingle with the best in breed vendors and industry experts. Oh, and don’t forget the rocking vendor parties that pack the evenings; complete with food, drinks and entertainment of all kinds amidst the backdrop of a lively San Francisco nightlife.

Awesome keynote lineup

RSA 2014 boasts an impressive speaker lineup worth checking out, including Nawaf Bitar of Juniper Networks, Art Gilliland of HP, James Comey of the FBI and a special closing keynote appearance by Stephen Colbert guaranteed to bring some hilarity to the mix.

Thinking about attending? Register for RSA 2014 here.

See you there!

 





Password Reset Server User Interface REFRESH

18 02 2014

Face it, there will always be end-users that forget their passwords. Giving them the ability to reset their own password is key to saving time, money and unnecessary stress, both for the user and the help desk.

The trick is to make the reset process as simple as possible. We kept this in mind with the latest release of Password Reset Server, our end user self-service password reset tool. We focused on enhancing the user interface to make the process for end-users simple and intuitive. The modern interface provides clear action steps and a newly designed enrollment process tailored to the end-user. Below are screen shots of the new, fresh face of Password Reset Server:

Introducing the new Password Reset Sever landing page

Password Reset Server Login

Updated enrollment process: End-users can now select the questions they want to answer

Enrollment Security Questions

Modern end-user interface to manage their answers

PRSSecurity Questions

And for administrators (Don’t think we would leave you out!) check out our new configuration screen

Administrator Configuration User Interface

Like what you see? Join us this Thursday February 20th at 11:30 AM EST for our Password Reset Server Webinar as we showcase the new user interface and the other features of our last release.

Look out for the next Password Reset Server Release coming in April, which is feature-focused. Want a sneak peek? In THIS release, you got the ability for end-users to choose the security questions they want to answer. In the NEXT release, you’ll be able to flag specific questions from that list as required. And, if you have a Security Policy for different groups in your organization, you can choose different required questions for each group.





Take the Pain (and IT) Out of AD Group Management with Group Management Server

21 01 2014

Organizations that have many different departments inevitably have to spend time just to keep things organized, and IT teams become a critical part of this strategy. Often, their role is to help implement software that enhances each employee’s ability to do their job, but they also perform many back-end tasks to organize the network. Active Directory group management is one of those critical back-end tasks. It gives each employee access they need to the network, file structures and email distribution lists, but in a complex environment, accommodating requests for AD group membership changes can become a time consuming task for IT to manage.

Universities are a great example of complex group management. They have multiple departments of students, faculty and staff, and users require access to workstations in multiple buildings, usually across several campuses.

Each semester, as students change courses and faculty and staff change offices or departments, the IT helpdesk is hit with countless requests for group administration changes to make sure everyone has the access they need to computers, folder structures and group email lists. You can probably imagine how quickly these requests pile up, and how long it can take an IT team to work through the entire list. This can create an immediate inconvenience to students, faculty and staff and to the IT team itself, which always has plenty of work to do.

With Group Management Server, non-IT staff, professors and managers can be authorized to administer their own AD groups. Simply by logging into the website and making the necessary membership changes, AD group management is distributed to those who need the changes immediately, and to those who best understand the access needs of their own groups.

Some of the key features that make Group Management Server a simple and effective solution:

Active Directory Integration

Users access Group Management Server through any major web browser, using their Active Directory credentials to log in.

Role-based Access Control

Control what featured of the application a user can access through customizable roles and permissions. Use the default roles (user, administrator and auditor) or create your own to tailor roles to your company’s needs.

Self-Service Group Administration for Non-IT Staff

Place more control in the hands of managers and team leaders by allowing them to modify group membership of their own groups through Group Management Server. Allow other staff to make group membership requests to their group managers, and fully audit all usage and group changes for security.

AddingGMSGroupMembers

Reports and Auditing

Every group membership change is audited, including the date, time and user involved for each logged event. Information can be condensed into detailed reports for audits and compliance.

GMSUser&GroupAudit

A new version of Group Management Server was released last Friday. See the full release notes HERE or check out a free 30-day trial.





2013: A Security Odyssey

31 12 2013

What did 2013 hold for Thycotic Software? New partners, software releases, and other exciting milestones. Join us for our movie themed year-in-review.

This year, in the wake of dozens of newsworthy data breaches, the landscape for IT security broadened with every headline. The importance of securing privileged credentials and managing identity went from a “nice to have” to a “need to have” seemingly overnight. It became more apparent from IT teams across the globe that a spreadsheet was no longer a trusted, secure repository to manage privileged passwords in an organization.

So what did this mean for Thycotic? Keeping a close eye on security trends, we listened to our customers and built the features they requested to solve their most essential use-cases in privileged account management. But that wasn’t all we did.

Here are just a few highlights of what made 2013 a defining year for Thycotic Software.

Let it snow, let it snow? More like, let it grow, let it grow!

Inc. Magazine named us one of the Top 5000 Fastest Growing Companies in the US, and #33 in the top 100 fastest growing companies in DC. We couldn’t be more honored to receive this privilege. Our growth is attributed directly to our fantastic customers and our intelligent, hard-working team.

Lions, Tigers, and Splunk – Oh, My!

This year we announced several great partnerships, ending the year with an official announcement of our partnership with Splunk to release the Secret Server App for Splunk Enterprise. We’re proud of all of our new partnerships, and especially of our rapidly growing technology integration partner program. You can read more about the Splunk integration with Secret Server in our press release.

Come fly with me, let’s fly, let’s fly away.

We broke a personal record at Thycotic by sponsoring over 35 tradeshows across the world in 2013. We’ve presented dozens of keynotes, spotlight sessions, thought leadership interviews and spoke directly with thousands IT security and operations professionals in every major vertical about their security needs. Thanks to our dedicated team who worked round-the-clock to make those events a major success.

Release the kracken!

This year we’ve had several exciting releases to our products Secret Server, Password Reset Server and Group Management Server based on direct requests from our customers.

For Secret Server, some notable new features are: SAP support for natively changing passwords on SAP accounts; expanded API to increase automation in scripting; Custom Columns for a more tailored dashboard view; Website Password Changing to automatically change passwords for Windows LIVE, Google and Amazon accounts; SAML Support for increased security and single-sign on convenience; and Improved Discovery for Scheduled Tasks and Application Pools, now discoverable by Secret Server.

Other new product features are Active Directory Attribute Integration to let employees easily update their own AD information with Password Reset Server, and Group Renewal for Group Management Server to remind Active Directory group managers to double check their group membership from time to time.

So what’s next for 2014?

We think that 2014 will trump this year in success stories, growth, partnerships and products. We hope you join us every step of the way. Join us on LinkedIn and Twitter for the latest news in cybersecurity and be sure to stop by our booth at RSA 2014 in San Francisco as we kick off another thrilling year in IT security.  Also Thycotic is hiring, join the Thycotic team – read these great Thycotic reviews and see the latest Thycotic videos.





Launch Away-Multiple Launcher Sneak Peek

17 12 2013

One of the most popular features in Secret Server is the Launcher. With one click, Secret Server can launch and authenticate to RDP, PuTTY or a website. You can also launch a custom executable with Secret Server and pass in command-line arguments that reference Secret values. Additionally, the Windows Form Filler can be used to auto-fill credentials for programs that cannot launch with command-line arguments.

Using the Launcher is easy. First, go to the Secret that you want to use. Then, click the Launcher icon to initiate the session directly from your computer. This way, as long as an employee can access Secret Server, they can get their work done – a convenient feature for anyone working offsite.

With the next product release, Secret Server will allow users to assign multiple launchers to a single Secret. This is valuable when one set of credentials is used for multiple access points. For example, you could launch an RDP session with an Active Directory account, then, using the same credentials you could launch a PuTTY session.

MLBlog1

You will be able to add as many Launchers as you would like to a Secret, including custom Launchers. Any user with access to the Secret will be able to use all of the configured Launchers. Add and configure new Launchers to a Secret at the Secret Template level, as shown below.

MLBlog2

Look for the release later this week. As always, we’ll send out an email announcement once the update is live. If you do not get emails about the latest product releases, update your email preferences here.





Don’t miss our monthly webinars!

5 11 2013

Every month, Thycotic hosts a webinar to explore new features, technical integrations and best practices. Last week we discussed a fairly new feature added to Secret Server version 8.3, which has expanded the list of web password changers. Secret Server can now change passwords on Windows Live, Google and Amazon accounts. This means you can now manage your Office 365, Google Apps and Amazon Web Services through Secret Server. These sites are just the beginning of web password changing for Secret Server. If you missed the live webinar, you can watch a recorded version here.

We have several upcoming webinars, including a feature deep-dive and tech integration case study.

Sign up now to get them on your calendar!

Learn how America First Increased Security through Authenticated QualysGuard Scanning with Secret Server

November 5, 2013 at 1:00 pm EST.

Do you have a full understanding of your network security, from both external and internal threats? Performing authenticated scanning for internal threats while keeping credentials locked-down on premises can greatly mitigate security risk. Find out how America First, a national credit union, implemented secure authenticated scans with Secret Server.

Register here for the Qualys Authenticated Scanning webinar

Thycotic Software Introduces- Password Reset Server

November 14, 2013 at 11:30 am EST.

Learn how Thycotic can help solve your end-user AD password rests. Password Reset Server is an AD self-service reset tool that helps reduce your help desk calls.

Register here for the Password Reset Server webinar

For the latest security news and Thycotic product updates, follow us on LinkedIn!





Integration Spotlight – Secret Server and Devolutions Remote Desktop Manager

17 09 2013

 

In this week’s webinar we will be diving into the integration of Devolutions Remote Desktop Manager and Secret Server. Since the software integration in 2011, users have been securing their credentials through Secret Server and remote connections using Remote Desktop Manager after several client requests. Since then, administrators have been able to use both solutions for greater convenience and added security.

Using Secret Server, you can securely store and audit access your login credentials. With Remote Desktop Manager, you can centralize your remote connections that use programs such as Remote Desktop, PuTTy, Team Viewer, and more. With the integration of Secret Server, Remote Desktop Manager seamlessly retrieves the login credentials from your Secret Server account. Using these two programs in conjunction with each other provides your company with a secure, centralized way to store, manage, and utilize your credentials for remote connections.

Join product managers Ben Yoder, Thycotic Software, and Maurice Côté, Devolutions, as they demonstrate the features and benefits of both solutions this Thursday September 19th at 11:30 AM EST. Be sure to register today!





Sneak Preview: HSM Data Encryption with SafeNet

16 11 2012

We’re working with SafeNet, an industry leader in data protection, to bring hardware data encryption to Secret Server. We’re adding support for SafeNet’s Hardware Security Modules, or HSMs.

SafeNet LUNA

Pictured: SafeNet LUNA PCI HSM

SafeNet’s Luna PCI HSM (pictured) is FIPS 140-2 Level 2 and 3 compliant, bringing a new level of data protection to your enterprise.

When Secret Server is configured to use SafeNet’s HSM, Secret Server will no longer store the encryption key on the server or perform the actual encryption and decryption. Instead, the encryption key is stored inside the device, and the device itself performs the encryption and decryption. Secret Server at no point is aware of the keys being used to encrypt or decrypt data. All the encryption and decryption stays in the hardware.

 

When an HSM is available, Secret Server will allow selecting the encryption key storage location during installation.

Installation HSM

SafeNet’s HSM also allows redundant configuration of two or more HSMs to ensure zero loss of data and Secret Server is always available.

We are pleased to be adding this capability to Secret Server and have enjoyed working with the smart folks over at SafeNet. The SafeNet HSM support will be available in the next release of Secret Server.





Sneak Preview: Bookmarklet 2.0

7 11 2012

Our team is working to make logging in to websites easier than ever with new bookmarklet functionality.

The new bookmarklet is able to work on any web page, and automatically log you in. It is only required that the web page has a secret in the Secret Server, and that the user be logged in to Secret Server.

This will greatly improve the compatibility over the web launcher. Sites that implement client-side validation, such as a CAPTCHA, were not compatible. With the new bookmarklet, the username and password will be filled out in the webpage itself, allowing the user to fill out just the CAPTCHA.

Form Filler

Above is an example of the bookmarklet working with Gmail. The bookmarklet will be compatible with recent versions of all major browsers. There isn’t an exact release date at the moment, but expect the functionality soon.





Sneak Preview: Dashboard Enhancements

18 10 2012

The next release of Secret Server has a lot of new functionality, in addition several tweaks to the user interface. We can catch a of glimpse of that now with one of the improvements to Secret Server’s dashboard. The Dashboard’s Secret View widget will now dynamically expand to take up the full width of the screen if there are no widgets to the right of it.

Fullscreen

This was a popular request, and it will allow users to utilize more of their screen space to work more effectively. Widgets can still be to the right of the Secret widget, just the way Dashboard works today.

Resize

This will be available in the next release of Secret Server, 7.9 along with many other exciting features. Expect the release within the next week or two.








Follow

Get every new post delivered to your Inbox.

Join 30 other followers