Rapid Enterprise Defense (RED) Identity Management helps you configure password check out workflows that save management time while granting faster access to authorized IT staff whenever needed for routine service or emergency firecall repairs.
RED Identity Management makes it easy for you to configure workflows that quickly provide authorized users audited access to privileged logins – from any allowed location, at approved times, while automating the approval steps to save your IT managers’ time.
With RED Identity Management you can configure checkout rules for any user or role. For example, you can grant a specific group of IT managers the ability to access a particular group of systems – with the option to always be alerted to each access – while requiring all other groups to get explicit approvals before gaining access.
Fast Approval Process
As a workflow approver, you’ll receive notification whenever it’s time to grant or deny a request. As soon as you take action, the user receives an email alerting them that their request has been approved or denied. If the request has been approved, the user can immediately check out the password from a secure web console.
You can configure RED Identity Management to re-randomize recovered passwords after use to prevent sharing of privileged logins, and to ensure there’s an authoritative audit trail that shows precisely who had access to each account, when and for what purpose.
RED Identity Management also supports integration with external workflow systems through its Event Sink functionality. This makes it easy to integrate RED Identity Management with any existing workflow systems that you may already have in place. RED Identity Management can also send alerts by email, SMS, phone and more.
Double Safekeeping Support
RED Identity Management can be configured for double safekeeping, or the two-man rule, to help ensure high levels of security during critical operations that may require approvals of two or more authorized personnel when accessing sensitive resources. RED Identity Management can break up static and dynamic privileged account passwords into as many different segments as required by an organization’s IT policies. Each password segment is assigned to an authorized user (or group) at the appropriate time, in a fully audited manner.
In practice, an IT manager might recover one segment of the password, while an IT administrator may obtain another segment separately. Together both parties have the entire password, but neither individual can access the resource alone, and neither needs to disclose their portion of the password to anyone else. Delegation, along with the splitting and assembly of passwords, is accomplished automatically and configured on an account-by-account basis for all types of passwords, including privileged passwords.
Contact us to learn more about how Lieberman Software can help you secure your organization’s privileged accounts.