App Review: Password Manager Secret Server by Tycotic
Either you are frustrated with having to manage of privileged account passwords or you do not bother with ever changing them. If you share a SU account among techs, is that really a safe practice? The IT infrastructure world is vulnerable to hacking and when generic passwords are used, and then shared among users, this creates an even more vulnerable environment. If your company does employ best security practices, then a system admin is tasked with changing passwords every 30, 60, or 90 days. The downfall of this practice is where are these passwords stored? An encrypted excel file, Access file, notepaper? The IT department needs a secure central place to be able to store, share, limit access, audit, and manage all of their privileged account passwords which hold the keys to their kingdom.
Secret Server is a tool that accomplishes all of the aforementioned and more! The intuitive UI allows the sys admin to enter anything from a password to a file into the application and manage it with role based access control. Secret Server really shines when it comes to managing privileged accounts. With active capabilities, Secret Server can automatically generate and change privileged account/network passwords on a given time interval. The users sign into Secret Server and can access any passwords they have privileges to view, without the proper privileges users will be unable to view information they do not need to view. For example, the admin who manages servers has different privileges than the admin managing work stations, and therefore should not have access to the other’s information. You can decrease vulnerability by only allowing employees to view information they need to complete their jobs. A key aspect of Secret Server is the auditing feature. Every user and secret has a full audit trail. You can select a user and a date range and Secret Server will build a report of every secret that user has access. With passwords used on the network, the admin running the report can expire every password that a user has accessed and Secret Server will generate a new password and update it where ever it is used on the network. There are a slew of different security features that Secret Server offers such as check out, request access, Radius support and advanced reporting which allows the user to create their own reports, or request a report to be built by the technical support team. This is a great tool and ROI is seen immediately because the number of man hours spent on managing privileged accounts is drastically decreased. Also this saves time and money on auditors as the audit trail and reports are already available within the application. No more two-week scrambles to get auditing information for management.
As a password management tool with available mobile apps, Secret Server is a market leader in securing sensitive data within the IT department of any company, small or large.
What I like: This is a great app, you access it online from anywhere with your passcodes!
My rating: 10/10