Securden’s new Unified Privileged Access Management

• Author
• Recent Posts

Brandon Lee

Brandon Lee has been in the IT industry 15+ years and focuses on networking and virtualization. He contributes to the community through various blog posts and technical documentation primarily at Virtualizationhowto.com.

Latest posts by Brandon Lee (see all)

• Understanding Kubernetes Persistent Volumes - Mon, May 29 2023
• Pulseway 9.2: Remote monitoring with workflow automation - Thu, May 18 2023
• ENow Active Directory Monitoring & Reporting - Tue, May 16 2023

High-profile attacks litter the news with ransomware and other data breaches, causing widespread disruption. The culprit behind data breach events and ransomware is often breached credentials and even privileged credentials in the environment. Controlling PAM in the environment is a challenge for most organizations.

Securden provides a wide range of privileged access solutions. Recently, they introduced the Unified Privileged Access Management (Unified PAM) solution to provide a holistic approach to privileged access security for enterprise IT.

Securden Unified PAM overview

Securden's Unified PAM solution combines multiple capabilities and features of privileged access management into a single solution. Unifying the product features into a single solution helps businesses avoid the product sprawl typical of enterprise environments since it deploys multiple products to control privileged access.

In a single package, Securden Unified PAM helps businesses with several areas of securing privileged access management. These include:

• Privileged account lifecycle management, end-to-end—Securden Unified PAM enables storing identities securely and protecting access to these identities. It enables automating the management of privileged passwords, keys, identities, and other sensitive information. It can also control, audit, monitor, and record access to sensitive, privileged resources.
• Remote access management—This past year, businesses everywhere have needed to offer secure remote access solutions. Securden allows companies to provide secure, one-click connections (RDP, SSH, SQL, and others) with remote resources, whether servers, databases, devices, or web applications. It does this without the need for VPN connections.
• Monitoring and management of privileged access sessions—Securden allows recording sessions for forensics and playing them back when required. In addition, IT admins can collaborate with sessions or terminate a session if deemed a security risk.
• Full credential management—You can control application-to-application credentials, secrets, machine identities, and other sensitive resources, as these can be managed and transferred between machines, containers, APIs, or other means. These capabilities help support DevOps processes and CI/CD pipelines for fully automated environments.
• Elevate and delegate privileges securely—Securden allows granularly elevating and delegating privileges so that users are granted very specific access to particular resources. It enables the creation of policies to specify which commands, applications, and processes are elevated for sysadmins. These can also be temporarily elevated.
• Privilege management on endpoints—Securden can manage and elevate privileges for standard users on endpoints. Applications can be whitelisted and blacklisted based on time-limited privileges. Access according to the principle of least privilege can easily be enforced for end users with little impact on their experience.

Installing Securden Unified PAM

One of the things that I like about the Securden Unified PAM solution is the ease with which you can get the solution up and running. Many security-related and privileged access tools are a challenge to configure. However, you won't find that with the Unified PAM solution. It is a simple installation wizard with minimal configuration required.

The new structure for the range of Securden solutions includes the following:

• Password vault for enterprises
• Enterprise PAM
• Windows Privilege Manager
• Unified PAM

New features to note with Securden Unified PAM

There are numerous features to note between Privileged Access Manager, Windows Privilege Manager, and Password Vault in the new Securden Unified PAM solution. However, let’s briefly showcase the following:

• Temporary admin access—Provide helpdesk technicians with temporary troubleshooting privileges on endpoints
• Advanced session recording—Includes sessions connected through remote gateways
• New reports, including the Security Analysis Report—Enables analyzing stored passwords from various security angles, including weak passwords, reused passwords, recycled passwords, and others
• Breached Passwords Identification—Identifies passwords found on breached password lists available on the web
• Advanced high-availability architecture—Provisions to have any number of active secondary servers and achieve automatic failover
• Comprehensive APIs—Allows managing DevOps keys
• Unix Connectors—Handles all operations with UNIX devices

Temporary admin access

Securden Unified PAM allows senior IT admins to grant temporary admin access to helpdesk technicians who need to perform initial troubleshooting of issues. With this approach, administrator access can align with the Just In Time (JIT) administration model. Access can be time-limited and provided in a granular fashion.

Advanced session recording

With Unified PAM, Securden has enhanced its session recording capabilities to include the ability to record sessions that are connected through Securden's remote gateways. Remote gateways allow secure remote access without VPN access.

Recording sessions using Securden Unified PAM

New reports, including the Security Analysis Report

Unified PAM has a more robust set of reports available to IT adminsincluding a Security Analysis Report which helps to better understand the state of credentials both for work and personal accounts contained in the solution.

Wide range of reports available in Unified PAM

Work and personal security analysis reports available in Securden Unified PAM

Breached password identification

One of the top priorities of organizations in securing the passwords of end users is scanning for breached passwords. Hackers use password lists to compromise user accounts easily. Securden Unified PAM has built-in breached password scanning and protection enabled by default to quickly identify accounts that contain credentials found on breached password lists.

Security analysis report available in Securden Unified PAM

Breached password protection in Securden Unified PAM

Advanced high-availability architecture

Securden Unified PAM has many features that allow organizations to have a highly available PAM solution with multiple servers operating in high availability.

Securden Unified PAM boasts many high availability features

Comprehensive APIs

Securden Unified PAM supports the move to modern applications with built-in APIs that support DevOps processes and the need for credentials to be called in pipelines.

Securden Unified PAM provides RESTful API abilities for securing credentials

UNIX connectors

The new UNIX connector handles all operations on Unix devices. This new connector includes remote password reset, remote connections, and session recording. For environments with a mix of Windows and UNIX devices, this is a welcome addition to the platform to provide a unified solution for privileged access management across the environment.

Wrapping Up

Securden's new Unified PAM solution is a step forward in holistic privileged access security. For those that need all the features and capabilities found in a single solution without the need to manage different interfaces and processes, Unified PAM lives up to what it says it can deliver, unified privileged access management. The need for PAM in modern environments is becoming more critical as attackers are increasingly using account compromise as the attack vector of choice because it is an easy path to compromise. With Securden Unified PAM, businesses will gain the visibility and control needed to apply technical guardrails around the use and management of privileges in their enterprise environments.