In any organization with large numbers of users signing into many of systems and applications, there will be a high help desk call volume due to forgotten passwords and intruder lockouts. In this context, a large team of IT support staff is required, all of whom must have logins with elevated privileges -- capable of resetting passwords on end user logins and clearing intruder lockout flags.
The large number of logins with elevated privileges creates its own security problem: these are high-value targets for security compromises and their number represents an elevated security risk.
- Hitachi ID Password Manager uses its own login ID and password to reset user passwords and clear lockouts.
- IT support staff and end users sign into Password Manager with their own, unprivileged credentials.
- Password Manager supports strong authentication for support staff, including one-time-password devices and smart cards, making these logins hard to compromise.
- Password Manager can randomize the password it uses to connect to target systems, making the remaining login with elevated rights a much harder target to compromise.
Using Password Manager, organizations can eliminate most of the login IDs that have elevated privileges, greatly improving system security.