Thycotic Software Releases Revolutionary Two-Factor Authentication System

1 04 2013

Being in enterprise password management, we understand the importance of user authentication in information security. The AssWord Pad 1.0 takes biometrics and multi-factor authentication to a brand new level. Utilizing the latest in gluteal heat mapping technology, we have designed a product that’s sure to keep you safe from cyber threats.

Watch the video below to learn more about this incredible new product from Thycotic Software.

Oh yeah, and Happy April Fools Day from the entire Thycotic Team.





Secret Server Copy-To-Clipboard for Google Chrome and Mozilla Firefox

26 03 2013

The Mozilla Firefox add-on and the Google Chrome extension allow values from Secret Server to be copied directly to the clipboard. This makes it easy to apply information from Secret Server in other locations; however, clipboards generally do not clear the data that was copied.

How do you protect your Secret data from being stolen from your clipboard? Secret Server’s Copy-To-Clipboard extensions add an extra layer of security to your clipboard by allowing the configuration of an automated schedule to clear the clipboard, so that the clipboard is cleared when exiting the browser. Each clipboard extension has a section that allows you to configure these options.


This makes it safe to use your clipboard and know that if you walk away from your computer for a few moments, someone won’t be able to take a password from your clipboard. It also helps prevent the accidental pasting of sensitive information into unsafe places, such as a chat client or email.

Currently, these security options are only available in the Firefox and Chrome extensions. Stay tuned for this functionality in Internet Explorer.





New Webinar – Easily Manage and Secure all your Windows local administrator passwords

13 03 2013

Use discovery to quickly find all your local Windows administrator accounts – import them into the Secret Server vault (even if you don’t know the current password). Then set a schedule (30, 90 days etc.) for regular password changing and never worry about those passwords again.  Whenever a sysadmin needs a password, they just come to Secret Server to find it.  Using Discovery Rules allows all of this to be automated.

Join us for this Webinar on Thursday, March 28th 2013 at 11:30am EST (requires active support). This will be the first of a new Webinar series that will happen on the 4th Thursday of each month.  Change your email preferences to receive updates about these upcoming webinars.

These webinars will also be recorded so you can view them after the event or share them with your team members.  Each Webinar will have two engineers speaking about best practices, features, security and general problems you can solve using Thycotic products.  If you have specific items you would like to see covered, please email your Account Manager.

Thanks, Kaitlin.






SOX Compliance on external systems using PowerShell scripts in Secret Server

25 02 2013

A critical component of many compliance mandates such as SOX, HIPAA, and PCI is guaranteeing that user activity is audited.  Secret Server maintains an internal audit trail for user actions and access to shared privileged accounts, but it doesn’t necessarily guarantee that external systems maintain their own audits.  After several customer requests, Secret Server  can now be configured to audit external systems through custom PowerShell scripting to enhance auditing when a privileged account is used on an external system.

For example, we can look at Microsoft SQL Server’s auditing. How can an Administrator ensure that auditing of an account is in place when that privileged account is used?

Secret Server can be used to combine custom PowerShell scripts with its one time password (OTP) feature called CheckOut.  This allows a user to access a password from the repository but Secret Server will change it to a new random password afterwards.  Administrators can also upload PowerShell scripts to Secret Server and set them to run before an account is checked out, and after it is checked back in.  This can be used to ensure that various compliance actions occur before or after a password is used.

In the below example I’ve created a Secret for an account with access to the AdventureWorks database, and set up an Audit Specification in Microsoft SQL Server.


In Secret Server I can now safeguard that the auditing I’ve set up for SOX, PCI, or HIPAA compliance is enabled whenever a user accesses the database with the AdventureWorksAdmin user.

On the Secret for the AdventureWorksAdmin user, I’ve enabled CheckOut.  Now when a user accesses the account the password will be changed once they are finished.  Next I uploaded a PowerShell script that ensures the Audit Specification is enabled on AdventureWorks, and set it to run before the Secret is Checked Out to the user.


This Hook guarantees that auditing is turned on by preventing CheckOut if the PowerShell script fails.  If for any reason the script can’t ensure that the compliance auditing is enabled, then it will return an error and the user won’t be granted access to the AdventureWorksAdmin SQL Account.  The CheckOut feature will also change the password after the user is finished with the Secret, so users are forced to go through Secret Server to access the privileged account.  This now provides named user audits in Secret Server that are tied to a specific shared account, and Microsoft SQL Server is guaranteed to maintain its own auditing whenever that account is used.
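A pre-CheckOut script of the kind described above could look like the following; this is an added example, not the script from the original post and not Thycotic's code. The instance name, the audit specification name, the use of integrated authentication, and the way parameters reach the script are assumptions. It fails closed: any state it cannot confirm ends in a terminating error.

```powershell
# Added example: pre-CheckOut hook that errors out unless SQL auditing is active.
# Assumptions (not from the post): instance name, specification name, and a run-as
# identity allowed to view server audits and alter the database audit specification.
param(
    [string]$SqlInstance = 'sql01.example.internal',   # hypothetical host
    [string]$Database    = 'AdventureWorks',
    [string]$AuditSpec   = 'AdventureWorksAuditSpec'   # hypothetical name
)
$ErrorActionPreference = 'Stop'   # connection or SQL errors abort the hook

function Get-AuditState([System.Data.SqlClient.SqlConnection]$Conn, [string]$Spec) {
    $cmd = $Conn.CreateCommand()
    $cmd.CommandText = @'
SELECT das.is_state_enabled AS SpecEnabled, sa.is_state_enabled AS AuditEnabled
FROM sys.database_audit_specifications AS das
JOIN sys.server_audits AS sa ON sa.audit_guid = das.audit_guid
WHERE das.name = @spec
'@
    [void]$cmd.Parameters.AddWithValue('@spec', $Spec)
    $reader = $cmd.ExecuteReader()
    try {
        # No row: specification missing, or metadata not visible to this login.
        if (-not $reader.Read()) { return $null }
        return [pscustomobject]@{
            SpecEnabled  = [bool]$reader['SpecEnabled']
            AuditEnabled = [bool]$reader['AuditEnabled']
        }
    } finally { $reader.Close() }
}

$conn = New-Object System.Data.SqlClient.SqlConnection(
    "Server=$SqlInstance;Database=$Database;Integrated Security=True")
$conn.Open()
try {
    $state = Get-AuditState $conn $AuditSpec
    if ($null -eq $state) { throw "Audit specification '$AuditSpec' not found in $Database." }
    # A specification bound to a stopped server audit records nothing.
    if (-not $state.AuditEnabled) { throw 'Parent server audit is disabled; refusing CheckOut.' }
    if (-not $state.SpecEnabled) {
        $alter = $conn.CreateCommand()
        # Identifiers cannot be parameterized; escape ] for bracket quoting.
        $name = $AuditSpec.Replace(']', ']]')
        $alter.CommandText = "ALTER DATABASE AUDIT SPECIFICATION [$name] WITH (STATE = ON)"
        [void]$alter.ExecuteNonQuery()
        $state = Get-AuditState $conn $AuditSpec   # re-read instead of assuming success
    }
    if (-not $state.SpecEnabled) { throw "Could not enable '$AuditSpec'; refusing CheckOut." }
} finally { $conn.Close() }
```

The script checks the parent server audit as well as the database audit specification, because an enabled specification attached to a disabled server audit produces no audit records.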

Ben Yoder is the Product Owner for Secret Server – you can find him at the Thycotic booth (#2644) at the RSA Conference in San Francisco this week.  Stop by to chat to Ben about SOX, PowerShell scripting or other cool stuff.





Webinar: Secret Server Web Password Filler

20 02 2013

Sign up for the webinar here.

We will be covering:

  • the typical use cases
  • http versus https
  • CAPTCHA on login
  • changing form bindings
  • limitations
  • how to tell us about websites with issues
  • general Q & A

If you can’t make it at that time, we will also be recording the webinar.






Devolutions’ Remote Desktop Manager integrates with Secret Server

20 02 2013

Thycotic Software would like to thank our technology partner, Devolutions, for recently integrating their Remote Desktop Manager with Secret Server.

Remote Desktop Manager’s integration with Secret Server enables you to launch your remote access applications easily and securely without knowing the credentials. By using our publicly available Secret Server API, Remote Desktop Manager is able to retrieve Secrets with machine credentials and then launch a variety of applications like LogMeIn, pcAnywhere, TeamViewer and more. Using this combination of tools to let your users log directly into applications without knowing the password increases your security posture. Secret Server provides full auditing information on credentials being accessed with Remote Desktop Manager, providing detailed reports on all applications launched.

Setting up Remote Desktop Manager to use Secret Server as the credential store is fast and easy. Start by creating a new Credential Store and select Secret Server from the list of credential options.


Next create a new session and select the Secret Server credential repository.


Using Remote Desktop Manager with Secret Server gives you even more flexibility and options for accessing your Secrets.





Launching Batch Files in Secret Server

18 01 2013

A feature introduced in Secret Server 8.0 is the ability for the launcher to launch a batch script that is stored in Secret Server. This is useful when a custom launcher needs to start multiple processes, for example a custom launcher that starts an SSH tunnel program and then starts PuTTY.


Create a Custom Launcher and upload your batch file to Secret Server and it will be encrypted and stored in your database. Secret values, including usernames and passwords, can be pulled from a Secret at launch time and passed as command line arguments to the batch file. After it runs, the batch file will be deleted from the local machine. Having your batch files launched from Secret Server adds security to your system by preventing end-users from changing batch commands and restricting the access to the files, and you get an audit trail for changes to the launcher and batch file.

Secret Server also helps with the ease of access to the batch file by having it stored in one central location instead of having to maintain batch files on each individual computer.







