At RSA Conference 2016 Bomgar announced the new Bomgar Vault, which helps companies secure, manage, and administer shared credentials for privileged users and IT vendors.
Bomgar Vault improves security, compliance, and productivity by enabling security organizations to quickly find and gain control of privileged credentials, manage and rotate passwords, and directly inject credentials into servers and other network infrastructure via Bomgar’s Privileged Access Management solution.
“If a system administrator or vendor accesses an account on a regular basis, they may remember the password. But many times these accounts are shared and used infrequently, resulting in passwords written down on sticky notes or stored in unencrypted spreadsheets. These are exactly the kind of credentials cybercriminals target because they are the keys to your most critical systems,” said Sam Elliott, director of security product management, Bomgar.
Bomgar Vault helps security professionals quickly scan their network to find privileged credentials, check if they’re active, and determine the age of each password. Security organizations can also import credentials in bulk to quickly build a list of accounts that need to be managed.
Once privileged credentials are within the secure Bomgar Vault, all use of those credentials are managed, restricted, and logged. Credentials can be rotated automatically, based on defined rules or when the system detects plain text passwords have been exposed. Email alerts and approvals can be set up to keep responsible parties informed of critical credential use.
Integrating Bomgar Vault with Bomgar Privileged Access Management takes protection even further by enabling direct credential injection into servers and other network infrastructure without the system administrator or vendor ever seeing the credential. Integrating the solutions not only increases security, it also improves productivity by allowing administrators to access servers and systems quickly and seamlessly without having to find or check out credentials.
Organizations can also integrate Bomgar Vault with multifactor authentication (MFA) to further improve security for critical accounts by ensuring that the authenticated user is the actual user who should be granted access to the systems.