Lieberman Software has launched new functionality that allows ERPM to provide secure check-in/check-out of privileged credentials directly through the McAfee® ePolicy Orchestrator® (McAfee ePO™) web-based interface, and provides identity and configuration data enrichment for ePO.
“With these new features, we will not only manage McAfee ePO credentials,” said Philip Lieberman, President and CEO of Lieberman Software, “but we will also enrich the existing data in ePO for managed systems. We’ll provide ePO users with the ability to retrieve limited lifetime credentials in a fully secure and delegated manner.”
The new ERPM capabilities allow delegated ePO users to temporarily access privileged account credentials – such as administrator and root passwords – directly from the ePO user interface. Access to the privileged credentials is controlled and audited, and passwords automatically revoked immediately after the work performed by IT personnel is complete. ERPM also now provides enhanced data enrichment by feeding information into ePO about privileged credentials on each system in the network that ERPM automatically discovers and tracks.
About Privileged Identity Management
Privileged identities are accounts that hold elevated, super-user permission to access files, install and run programs, and change configuration settings. They exist on most operating systems, business applications, databases, Web services, and network appliances in large organizations. Failure to maintain frequently-changed, unique credentials for each privileged account can result in unauthorized users and malicious programs gaining unrestricted access throughout the network after compromising just one password.
ERPM helps solve the security and regulatory compliance problem of shared and default privileged account passwords – and in doing so prevents unauthorized users and malicious programs from exploiting privileged accounts to gain unrestricted and anonymous access to systems with sensitive data. It offers a solution to the regulatory compliance requirement that access to privileged account credentials should only be allowed on a temporary, need-to-know-basis.