IT administrators rely on network-connected remote access devices to manage critical server hardware from anywhere, without the need to be physically present in the datacenter. These devices give “lights-out” access to manage, patch and rebuild systems regardless of whether the computer operating system is functioning.
One of the most popular remote access devices is the Dell Remote Access Controller (DRAC), a product that allows staff to configure datacenter systems as though they were physically present. DRAC cards allow you to:
- Access servers’ local administrative consoles
- Reboot server hardware
- Power on and off computer hardware
- View the condition of power supplies, cooling fans, and other critical components
- Install and update BIOS
The reality is that many organizations fail to change the default privileged account passwords on their servers’ remote access devices. Left unchanged, anyone with access to the management network and knowledge of widely-known default passwords can have anonymous, unaudited access and management control of any server at any time.
Lieberman Software is Dell Certified for DRAC Password Management
Lieberman Software’s Intrusion Remediation Platform, Lieberman RED – Rapid Enterprise Defense Identity Management is the first product Dell PartnerDirect certified to continuously secure all DRAC devices on your network. This protects the privileged login credentials of each device while providing secure access through an audited web portal.
RED Identity Management discovers all of the Dell lights-out management cards in the network and then updates each password with cryptographically strong, unique credentials. The internal controls and release mechanisms within the Lieberman Software products provide a “check-out” and “check-in” process that automatically changes the passwords between usages, assuring a time-limited access to these powerful consoles.
Maintaining Regulatory Compliance
Most corporate and government organizations are required to proactively manage privileged account passwords, including those found on server remote access cards. Security compliance standards such as PCI-DSS, HIPAA, FISMA, and Sarbanes-Oxley require that organizations maintain documented controls for the release, use and changing of privileged identities. The lack of automated products to mass-manage and control privileged access to these critical devices lead to negative audit findings, costly fines and damaging data breaches.
With RED Identity Management you’ll know precisely who had access to each of your privileged accounts, when and for what purpose. These solutions secure not only the privileged logins used to access remote access cards, but also administrative user accounts and the privileged accounts stored by applications and services to access sensitive data on your network.
Contact us today to learn more about our DRAC password management solutions.