Security solutions specialist Passlogix announced the release of an upgrade to v-GO Shared Accounts Manager (v-GO SAM), its solution for controlling administrative access to enterprise data assets. The v-GO SAM solution is designed to strengthen security for service accounts, used to connect end users to databases and other application services, by concealing and updating sensitive passwords as well as ensuring that individual users can be identified in the event of a data compromise.
The company said the upgrade was implemented to thwart efforts to use service account passwords to pilfer sensitive information ranging from credit card information to confidential health records. Adding to v-GO SAM's ability to control and track shared IDs and passwords required for administrative accounts, the solutions also aims to help businesses fulfill regulatory mandates such as PCI DSS, HIPAA and SOX by documenting all access attempts as well as the specific user involved.
The new support for service accounts plugs a security and compliance hole caused by the difficulty of changing service account passwords that are embedded in the application code and distributed on multiple client workstations and application servers, a company release explained. The upgrade allows businesses to store and encrypt all service account credentials in a central repository, removing them from multiple registry files and other locations where they are visible to IT personnel and potential hackers.
In addition, v-Go SAM allows businesses to automate password changes on any user-defined schedule, prevent data access without application login and helps organizations manage single-user, shared administrator and service account credentials with the same infrastructure, which the company said eliminates the need for a separate hardware or software vault system that is otherwise required to manage privileged passwords.
v-GO SAM also provides access to administrator accounts requiring shared IDs, such as those used to access root accounts, routers, firewalls and other IT assets, and for temporary workers and contractors who must used shared IDs. The solution allows users to check out credentials according to pre-established policies - including user role or group membership in the corporate directory as well as specific times and days, time windows, or maximum number of logons - and ties each checkout to the specific user to create an audit trail for compliance and forensic purposes in the event of a data breach.
Passlogix product manager Matt Berzinski said service accounts act like a back door to some of the most sensitive data in an enterprise. "Failing to manage service account passwords - as most organizations do - is like handing a hacker the keys to a database, whether it be credit card, online banking, healthcare or all of a business' customer lists, financials and HR information," he said. "v-GO SAM can now eliminate these vulnerabilities and provide the accountability needed to address regulatory prohibitions against the use of shared IDs."