Secret Server’s workflows require that a user is granted approval to access a password or Secret. Once the control is applied, users must request access for a set amount of time and cannot use the Secret until approved.
This can be tied into ticket systems such as ServiceNow or BMC to ensure that the user has a valid change or incident number that they are responding to. Requiring approval with a reason maintains accountability and guarantees that approvers know why a user needs access.
All requests, approvals, and denials are fully audited for reporting and compliance. Enforcing approval and auditing who requested and who approved is a key control for many insider threat and risk management programs because it requires two different users to complete a task. This helps prevent abuse of privilege or the prospect of an insider using sensitive accounts to sabotage systems or exfiltrate data.
Ticket number validation can be included in the approval request or can be a standalone workflow, along with a reason for access.
For more information on configuring ticket systems with Secret Server refer to this Knowledge Base topic.
Access can be requested ad hoc or ahead of time if a user knows they will need a credential during a maintenance window. Email notifications are customizable to include company-specific policy information.
Security Solutions as a service.
Maximize your password security,
Minimize your security risks.