Overview

In today's rapidly evolving digital landscape, safeguarding privileged accounts is paramount to maintaining robust security. One Identity Safeguard offers a comprehensive Privileged Access Management (PAM) solution designed to protect these critical accounts. By adopting an identity-centric Zero Trust model, Safeguard ensures just-in-time access, enabling organizations to collect, store, manage, authenticate, record, and analyze privileged access effectively. This holistic approach not only fortifies security but also alleviates the challenges associated with managing privileged accounts.

Features and Capabilities

• Safeguard for Privileged Passwords:
  • Automates, controls, and secures the process of granting privileged credentials with role-based access management and automated workflows.
  • User-centered design reduces the learning curve and allows password management from virtually any device.
  • Key features include quick discovery and onboarding of assets, an automated workflow engine, the ability to approve passwords from anywhere, a full REST API, and a free personal password vault for business users.
• Safeguard for Privileged Sessions:
  • Enables control, monitoring, and recording of privileged sessions of administrators, remote vendors, and other high-risk users.
  • Content of recorded sessions is indexed, facilitating easy searching for events and simplifying auditing and compliance requirements.
  • Acts as a proxy, inspecting protocol traffic at the application level and rejecting any traffic that violates protocols, serving as an effective shield against attacks.
  • Key features include full session audit, recording, and replay; real-time alerting and blocking; initiation of workflows or deployment in transparent mode without changes to users; and full-text search capabilities, including Optical Character Recognition (OCR).
• Safeguard for Privileged Analytics:
  • Monitors questionable behaviors and uncovers previously unknown threats from inside and outside the organization using user behavior analytics technology.
  • Detects anomalies and ranks them based on risk, allowing for prioritized and appropriate action to prevent data breaches.
  • Key features include pattern-free analysis to detect unknown malicious behaviors, full content analysis (including screen content, issued commands, and window titles), utilization of keystroke dynamics and mouse movement analysis to help identify breaches, and reduction of alert noise by categorizing alerts by risk and deviation levels.
• Safeguard On Demand:
  • A SaaS-delivered solution that combines a secure password safe with session management and monitoring, along with threat detection and analytics, all managed and delivered from the cloud.
  • Key features include full-strength PAM with SaaS delivery, mitigation of potential damage from security breaches, compliance requirement fulfillment, and identification and prevention of risky behaviors and unusual events.
• Safeguard Authentication Services:
  • Integrates Unix, Linux, and Mac OS X into Active Directory, extending the compliance and security of Active Directory across the enterprise.
  • Creates an Active Directory Bridge, enabling users to log on to non-Windows systems using their Active Directory credentials.
  • Key features include consolidation of identities and enforcement of separation of duties, extension of Windows Group Policy to non-Windows systems, leveraging existing investments in infrastructure and skills, and single sign-on capabilities for Unix, Linux, and Mac.
• Safeguard for Sudo:
  • Centralizes management of sudoer policy files, simplifying the administration of sudo.
  • Generates reports on sudoer access rights and activities and enables keystroke logging of all activities performed through sudo.
  • Key features include centralized management of the sudoers policy file, keystroke logging of all sudo activities, access rights and activity reporting for sudo, and leveraging existing investments in infrastructure and skills.