Many organisations have strict network login password policies, and force their employees to change their Active Directory (AD) passwords every 90 to 120 days. However, their techs often use generic credentials to log into servers, applications, shared services or gain admin access. Hence from the system logs, how do you know which tech actually logged in using generic credentials?
How do you know who logged in and it may not have been a tech?
Why should you care?
- Having generic account and password information available to many people, increases the chance that someone will intentionally or unintentionally leak out sensitive information. Compromised, or leaked account details can be devastating for a company especially since generic accounts tend to have privileges that most standard users do not.
- If something breaks in the production environment, you would never be able to investigate who did it using a generic login.
So the question is, if generic accounts have to be used, how can they be reliably tracked and how can we still maintain a high level of security and traceability?
Password Manager Pro (PMP) is a password solution for enterprises to control the access to shared administrative and privileged passwords for any enterprise resource.
Password Manager Pro can:
- Proactively monitor to prevent mishandling of privileged access.
- Shadow privileged sessions in real time to supervise user activity.
- Join privileged sessions with users and provide remote assistance during troubleshooting operations.
- Terminate user sessions immediately in case of suspicious activity.
Download your 30-day Password Manager Pro free trial now. This gives you the ability to test the solution in your environment, check out the features and ensure that the solution is right for you.
If the trial doesn’t work, or if any issues arise, or if you have any queries regarding pricing or product information, email our ManageEngine NZ team at: sales@manageengine.co.nz
Dhruv Patel | Senior Pre-sales Solutions Engineer