Business Driver – Thycotic Privilege and Password Product Suite

Thycotic’s market leading Privileged Access Management (PAM) enables you to protect your organisation’s privileged credentials – applications, root, administrator across the Enterprise and store them in an encrypted, centralised repository. PAM also helps discover root, service, application and administrative accounts to identify who should and should not have access to privileges based on role and responsibility. Secret Server helps organisations to provision access, ensure password complexity, delegate access and control IT sessions. 

  • Cloud or On-site
  • Customise to meet unique business requirements
  • Exercise more granular control over critical security infrastructure
  • Delegate access and rotate credentials
  • Monitor and record sessions for forensic review and analysis

Solution Overview:  Thycotic Account Lifecycle Manager

Managing Service Accounts (non-human accounts that interact with the operating system) is a challenge because authentication mechanisms like AD have traditionally been unable to distinguish the difference between user and service accounts. Account Lifecycle Manager from Thycotic fills this void by identifying service accounts, understanding their purpose and mitigating the risk of breaches, human error or service downtime.

  • Establish tighter controls with workflows
  • Delegate accounts based on roles and automatically provision and decommission accounts without interruption to service delivery
  • Enforce governance and ownership compliance over service accounts
  • Reduce service account sprawl and reduce risk through better management 

Privileged Behaviour Analytics

Privileged Account abuse poses a real threat to cybersecurity but the risk to an organisation can be reduced with the deployment of Thycotic’s Privileged Behaviour Analytics. This solution allows administrators to quickly identify privileged account abuse, identify the extent of the malfeasance and flags risk of anomalous behaviour proactively

  • Easy to manage controls
  • Intuitive reporting
  • Extensive customisation
  • Easy to incorporate into existing disaster and business availability plans
  • Integrate seamlessly with Secret Server and log notifications with Slack and ServiceNow

DevOps Secrets Vault

Typically, DevOps environments are tough environments with relentless deadlines and challenging collaborative demands. The DevOps ecosystem is often a repository of critical intellectual property and trade secrets that provide a competitive advantage. DevOp’s Secrets Vault from Thycotic replaces risk-prone passwords with Application Process Interface (API) commands that automate “secret creation”, retrieval and archiving.

  • Secure sensitive intellectual property” (IP) securely with DevOps Vault
  • Centralise the repository of secrets and enforce stringent access controls
  • Integrate seamlessly with RPA tools and automatically scale as DevOps pipelines grow or retract
  • Works out-of-the-Cloud with Thycotic Secret Server

Connection Manager

Thycotic’s Connection Manager lets IT and Security administrators manage and interact concurrently with RDP and SSH remote connections in a unified environment.

  • Launch and configure sessions across multiple environments
  • Automatically inject credentials into remote sessions on an ad hoc basis
  • Manage centrally using a single intuitive interface
  • Record sessions and provide an audit trail for tracking and forensic analysis

Links and Resources 

Password Management

Password Reset Server for Active Directory (AD) and Office 365

Password resets can cost organisations up to $100 per instance and demand an enormous amount of time and resources. By dedicating an application to the task password related service calls can be reduced by up to 70% and self-service provisioning are quickly adopted by errant users.

  • Improve password strength and security
  • Automate password provisioning reducing administrative costs
  • Replace inefficient and risk-prone manual processes
  • Improve staff productivity
  • Integrate seamlessly with market leading authentication tools like AD
  • Automate enrolment for educational environments or casual employees

Least Privilege

Privilege Manager

Stop ransomware and malware in their tracks by deploying Thycotic’s Privilege Manager that removes local administrative rights from endpoints. By deploying a single agent across users, administrators can manage and remove local admin rights and elevate trusted applications to execute, sandbox or block while maintaining “least privilege” model.

  • Single agent for simple deployment
  • Apply flexible policies using whitelisting, blacklisting and greylisting to define trusted applications and processes
  • Improve productivity with users automatically accessing apps and system resources without administrative intervention required

Access Control

Unix Protection

Increase the safeguards and controls that protect Unix infrastructure from breach or attack. Thycotic’s Unix Protection extends your Secret Server investment even further and ensures that local root accounts are protected. It also improves the root discovery process by managing and controlling access more vigilantly.

  • Control and manage SSH Keys
  • Apply least privilege access for Sudo / Su and other potentially destructive command line instructions
  • Manage SSH Keys more efficiently and securely
  • Harness the power of Thycotic’s Secret Server across all Unix Servers
  • Demonstrate compliance across all Unix infrastructure
  • Reduce service desk calls by reducing support related requests