Organizations that can’t effectively find, manage or monitor privileged credentials could end up with a serious data breach on their hands. And the most devastating breaches not only capitalize on compromised privileged access credentials, but also leverage system vulnerabilities to inflict additional damage. Many IT organizations use shared accounts for privileged users, administrators or applications so that they readily have the access they need to do their jobs. If inadequately managed, these credentials pose significant security and compliance risks stemming from either the intentional or accidental misuse of shared privileges.

Some systems have embedded or hardcoded passwords, opening up additional opportunities for misuse. Unfortunately, most IT organizations struggle to balance accountability of shared privileged accounts with user productivity.

With BeyondTrust PowerBroker Password Safe version 6.4 and McAfee ePolicy Orchestrator(ePO) version 5.9.x, IT organizations can take control of privileged credentials and access policies by managing everything through a single console.

Key Features

DISCOVER AND ONBOARD ASSETS INTO POWERBROKER PASSWORD SAFE DIRECTLY FROM MCAFEE EPO

McAfee ePO provides synchronization options to identify whether a system is currently under management by Password Safe, and if desired, an unmanaged system may be onboarded directly from the ePO console.

ADD/REMOVE MANAGED ACCOUNTS FROM THE EPO CONSOLE

By selecting any Password Safe managed system, new accounts may be brought under management, or existing accounts unmanaged directly via contextual actions.

LAUNCH SECURE SESSIONS THROUGH THE EPO CONSOLE

PowerBroker Password Safe offers customers the ability to remotely connect to devices and endpoints without knowledge of the credentials being used. From the McAfee ePO console, the user can select a Password Safe managed system, and then select an action to automatically launch an SSH or RDP session to the asset without displaying the credentials.

RELEASE PRIVILEGED CREDENTIALS THROUGH THE EPO CONSOLE

With this feature, a user who has logged into the ePO console can select a system, and then select a managed credential they are authorized to retrieve the password for.

MANAGE AND ROTATE ACCOUNT PASSWORDS ON SELECTED DEVICES

From within the McAfee ePO console, a user can select one or more systems, and choose to cycle the passwords for all associated managed accounts.

PASS MCAFEE EPO TAGS AS KEYWORD ATTRIBUTES IN PASSWORD SAFE

Systems in PowerBroker Password Safe may be tagged with specific keywords from ePO Tags. This allows Smart Rules to dynamically group assets for such actions as quarantine, or role reassignment.

“Together with BeyondTrust, we are able to provide a seamless management solution that allows users to better understand and take actions against privilege-based risks.”

- D.J. Long, Head of McAfee Security Innovation Alliance

PowerBroker Password Safe & McAfee ePolicy OrchestratorPrivileged Password Management for ePO

With PowerBroker Password Safe, McAfee ePO users can manage privileged credentials and access policies through a single platform.

SOLVING PRIVILEGED PASSWORD MANAGEMENT USE CASES

The integration between PowerBroker Password Safe and McAfee ePO addresses several critical use cases for organizations looking to gain control over all privileged accounts:

y Deliver a lightweight client that integrates with your existing environment to manage privileged passwords

y Provide a single platform for managing privileged sessions

y Enable password management and rotation from a single console

y Audit and report on all privileged activity and privilege sessions

POWERBROKER PASSWORD SAFE: PRIVILEGED PASSWORD MANAGEMENT

PowerBroker Password Safe is an automated password and privileged session management solution offering secure access control, auditing, alerting and recording for any privileged account – from local or domain shared administrator, to a user’s personal admin account (in the case of dual accounts), to service, operating system, network device, database (A2DB) and application (A2A) accounts – even to SSH keys, cloud, and social media accounts.

Password Safe offers multiple deployment options and broad and adaptive device support.

y Secure and automate the process for discovering, managing and cycling privileged account passwords and SSH keys

y Control how people, services, applications and scripts access credentials

y Auto-logon users onto RDP and SSH sessions, without revealing the passwords

y Record all user and administrator activity in a comprehensive audit trail

y Alert in real-time as passwords are released and privileged session activity is started

MCAFEE EPO: A SINGLE CONSOLE FOR ALL YOUR SECURITY MANAGEMENT NEEDS

McAfee ePO is the most advanced, extensible, and scalable centralized security management software in the industry.

y Get a unified view of your security posture with drag-and-drop dashboards that provide security intelligence across endpoints, data, mobile, and networks

y Simplify security operations with streamlined workflows for proven efficiency

y Utilize flexible security management options with on-premise and cloud-based management versions

y Leverage your existing third-party IT infrastructure from a single security management console with an extensible architecture

© 2018 BeyondTrust, the BeyondTrust logo and PowerBroker are registered trademarks of BeyondTrust Software, Inc. Other trademarks identified on this page are owned by their respective owners. January 2018

The PowerBroker Privileged Access Management Platform

PowerBroker Password Safe is part of the BeyondTrust PowerBroker Privileged Access Management Platform, which delivers visibility and control over all privileged accounts, users, and assets. The platform integrates a comprehensive set of PAM capabilities to simplify deployments, reduce costs, improve system security, and reduce privilege-related risks. PowerBroker solutions include:

y Enterprise Password Security: Provide accountability and control over privileged credentials and sessions.

y Server Privilege Management: Control, audit, and simplify access to business critical systems.

y Endpoint Least Privilege: Remove excessive user privileges and control applications on endpoints.

CONTACT

North America info@beyondtrust.com

EMEAemeainfo@beyondtrust.com

APAC apacinfo@beyondtrust.com

LATAMlatam@beyondtrust.com

CONNECT

Twitter: @beyondtrustFacebook.com/beyondtrustLinkedin.com/company/beyondtrustwww.beyondtrust.com