PASSLOGIX ANNOUNCES MAJOR ADVANCE IN PRIVILEGED ACCOUNTS CONTROL: v-GO SHARED ACCOUNTS MANAGER
December 06, 2007 (PRLEAP.COM) Technology NewsNEW YORK, NY – Passlogix®, Inc., today announced v-GO® Shared Accounts Manager™ (v-GO SAM), a new module in its v-GO® Sign-On Platform™ that offers an industry-first approach to managing access to privileged accounts. v-GO SAM leverages v GO’s enterprise single sign-on capabilities and its interoperability with identity management and strong authentication systems to close the security gaps associated with shared credentials, offer new capabilities that aid regulatory compliance, and eliminate the need for a dedicated vault system for shared account management.
v-GO SAM enables credentials to be securely shared by multiple users such as system administrators who must access privileged accounts, workgroup members who must share a pool of generic accounts, and temporary workers or contractors who must be issued temporary generic accounts. It interacts with v-GO Single Sign-On (v-GO SSO), the core application in the v-GO product suite, to receive and respond to requests for credentials.
With v-GO SAM, a user requiring access to a privileged account makes an online request to check out a specific username and password from a central container dedicated to shared accounts, usually located in a corporate directory such as Active Directory. The request is approved or denied based on the user’s role and group membership in the corporate directory and/or an approval workflow in the enterprise’s identity management system.
The system then issues the username and password, subject to policy-based usage controls such as a two-hour credential expiration or a limited number of logins. The user never sees the password so it can never be shared with anyone else. After expiration, the username and password are automatically deleted from the user’s credential store and checked back in to v-GO SAM. Usernames and passwords cannot be checked out to multiple users simultaneously, thus establishing a single point of accountability for all activity on the target system.
Instead of buying a separate hardware or software vault system to administer shared accounts, v-GO SAM allows organizations to use their existing enterprise single sign-on (ESSO) infrastructure and identity provisioning systems to address the challenge of privileged account password management and compliance. System administrators can now manage both conventional and shared credentials with a common strategy and infrastructure.
v-GO SAM’s integration with Passlogix’ ESSO technology also makes the product:
• The first solution with an identity-centric architecture that relies on a user’s identity and optionally, an identity management system, to govern the usage of shared account IDs, This makes it possible to associate credentials to a unique individual for accountability purposes.
• The first solution that hides credentials from the end user, eliminating the threat of password sharing, associated accountability problems, and the possibility of passwords getting into the hands of non-privileged users.
• The first solution that can require use of a strong authentication device in order to sign-on to the privileged account, providing an additional layer of security.
These features offer significant advantages for organizations that must comply with regulations such as Sarbanes Oxley (SOX), the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach Bliley Act (GLBA) and Payment Card Industry (PCI) requirements governing data security.
In the case of PCI, for example, v-GO SAM aids compliance for merchants and service providers handling credit card information in part by fulfilling the requirement that each user accessing system components or cardholder data be identified by a unique user name. The combination of the unique identifier required for v-GO logon (typically the Active Directory user ID) and v-GO SAM’s one-password-at-a-time policy helps meet that mandate and protect payment card processors against serious PCI-related penalties.
“Managing accounts with shared privileges has become an issue of growing concern in the face of security breaches and regulatory mandates. Malicious users can steal, change or delete data, and it would be impossible to pinpoint the culprit,” said Stephane Fymat, vice president of strategy and product management, “v-GO SAM offers a new ESSO-based model for privileged account management that provides significant security, compliance and administrative benefits by extending the principles and infrastructure of single sign-on and identity management to encompass shared accounts.”
v-GO SAM is the latest add-on product to the core v-GO single sign-on platform. Five other modules extend v-GO’s single sign-on capabilities to any form of strong authentication and to kiosk environments; enable all identity provisioning systems to automatically inject user credentials into v-GO SSO; permit self-service reset of forgotten Windows passwords; and centralize management of strong authentication devices. The platform has sold more than 6 million licenses to organizations around the world.
v-GO Shared Accounts Manager is scheduled to be released in Q1 2008.
Separately today, Passlogix announced an industry-first v-GO On Demand Edition that simplifies enterprise single sign-on deployments for both administrators and end users by enabling the client software to be accessed with a simple click on a link. This unique deployment strategy allows organizations to extend single sign-on to remote users and to install ESSO on a USB memory stick for use with any computer, broadening ESSO’s reach to users previously unable to benefit from the technology’s password management capabilities. For more information, visit www.passlogix.com.
Passlogix is the developer of the v-GO Sign-On Platform, the market's most robust, scalable and easy-to-deploy enterprise single sign-on platform with successful installations in hundreds of organizations of all sizes and in all industries around the world. The company's patented intelligence-based technology eliminates lengthy and expensive implementation cycles, and provides rapid return on investment, by adapting to any existing infrastructure without the need for custom coding or replacement of legacy hardware or software. Founded in 1996, Passlogix is headquartered in New York City with sales offices throughout the United States, United Kingdom, Hong Kong and Singapore. For more information please visit http://www.passlogix.com/