Secret Server Feature

SSH COMMAND WHITELISTING

Enhance your Secret Server security by enforcing least privilege on Unix/Linux root admin accounts!

For UNIX

  • Enables Secret Server administrators to build a Unix command whitelist to limit what users can do with privileged accounts.
  • Increases security with granular control of root credentials to limit privileges, while meeting compliance regulations and policies for Unix Superuser Privilege Management (SUPM).
  • Report on what commands users can run to prove audit or compliance mandates.

Key Benefits

  • Ensure privileged accounts are more secure by enforcing least privilege policies for Unix superusers without impacting their productivity.
  • Minimize the risk of data breaches and insider abuse associated with unauthorized access to, or escalated privileges of, Unix superuser accounts
  • Demonstrate compliance with security policies and regulations by showing auditors that superuser privileges are effectively managed, monitored, controlled, and secure.
  • Enable Unix administrators to centrally manage and provision Unix accounts that are linked to AD.
  • Save time and money by significantly reducing help desk calls and minimizing Unix admin account management issues.
  • Understand and prove to auditors what users are authorized to do with root credentials.

SSH command whitelisting

Utilizing SSH command whitelisting, Privilege Manager for Unix gives you greater control

SSH Command whitelisting allows admins to log in as root, but only gives them access to a set of predefined commands. For example they might be able to restart the database and read log files, but not reset user passwords.

Thycotic Privilege Manager for Unix provides an integrated Secret Server security solution that enables you to control and monitor the commands super users can run based on their role and required tasks.

  • Minimizes the use of privileged rights and enforces least privilege policies for superuser rights.
  • Replaces siloed sudo configuration files with an enterprise-ready, scalable security solution with audit capabilities.
  • Restricts commands based on defined policies and limited superuser permissions, reducing the risk of misuse, abuse or accidental error.
  • Provides complete management, monitoring, recording and secure single-sign-on for Secret Server privileged accounts.
  • Easily delegate and revoke privileged UNIX administration without having to manage sudo files or allow full root access.


4Passwords
Secret Server Hosting

Security Solutions as a service.
Maximize your password security,
Minimize your security risks.