Many organisations have strict network login password policies, and force their employees to change their AD passwords every 90 to 120 days. However, their techs often use generic credentials to log into servers, applications,  shared services or gain admin access. Hence from the system logs, how do you know which tech actually logged in using generic credentials?

Why should you care?

  • Having generic account and password information available to many people, increases the chance that someone will intentionally or unintentionally leak out sensitive information. Compromised, or leaked account details can be devastating for a company especially since generic accounts tend to have privileges that most standard users do not.
  • If something breaks in the production environment, you would never be able to investigate who did it using a generic login.

So the questions is, if generic accounts have to be used, how can they be reliably tracked and how can we still maintain a high level of security and traceability?

 

Password Manager Pro (PMP) is a password solution for enterprises to control the access to shared administrative⁄privileged passwords for any enterprise resource.

PMP can:

  • Proactively monitor to prevent mishandling of privileged access.
  • Shadow privileged sessions in real time to supervise user activity.
  • Join privileged sessions with users and provide remote assistance during troubleshooting operations.
  • Terminate user sessions immediately in case of suspicious activity.

 

Download your 30-day free trial now.

If you have any queries, email us at sales@manageengine.co.nz

 Dhruv Patel | Senior Pre-sales Solutions Engineer