Six questions Secret Server answers in the latest updates
Barbara Hoffman
You asked and we answered. We’ve been listening to questions Secret Server customers ask and working hard to make the industry’s top PAM solution even better. We’re excited to share a batch of updates to Secret Server that addresses your top concerns.
1. Is it possible to get rid of secrets and related data after it’s no longer needed by someone like a third-party contractor without disrupting your audit trail?
It’s a valid worry. In order to give contractors and partners privileged access to data and applications, you may have provided them secrets in Secret Server. Removal of privileged account information after it’s no longer needed is critical to security and compliance standards. Now, no Secret gets left behind.
New Secret Erase feature—delete unneeded secrets entirely and still maintain a record of erased events
You can remove privileged account information associated with a secret as soon as an engagement is complete. With the new Secret Erase feature, you can delete secrets entirely from your vault when they’re no longer needed, and still maintain a record of erased events to support auditing and maintain compliance.
2. Would I know if someone made a copy of one of our SSH public keys?
Anyone with one of your SSH public keys can encrypt data. Having a record of all existing SSH keys is essential to properly secure them, but it’s time-consuming to track and manage. Now you can discover and track SSH public keys more by automatically scanning Linux and Unix servers.
3. Am I missing important notifications because I’m drowning in email?
We get it. The number of notifications you receive can be overwhelming. If they aren’t easy to scan, key information can be easy to miss. Updates to the Secret Server Inbox make it easier than ever to manage how notifications are sent and received. Now you can schedule notifications, group notifications in a single email, and more.
4. How can I access secrets if I’m offline?
Back to traveling and worried about connectivity? Secured via Biometric Authentication, the Secret Server mobile app now allows you to cache your most important secrets, including secrets that require approval. Cached secrets are governed by a time-to-live that is set by the Secret Server administrator to ensure they’re accessible only for a limited time. Now, when you’re traveling to places with limited or zero network connectivity, you can access those cached secrets on your mobile device.
5. How can I manage a broader set of connections more easily?
Customers that are adopting Connection Manager are typically migrating over from other platforms and systems and looking for a broader set of options for managing their connections. Now, you can create or edit secrets from Connection Manager via a link that will launch an automatic Secret Server connection. You can get connected faster without having to enter credentials each time.
You also have the option to use a password-protected local data vault to store local connections or use secrets from Secret Server to maintain a higher level of security. If you choose to set up a new vault, you can back up the local vault before deleting it.
We’ve also made Connection Manager easier to use. An enhanced column picker lets you choose the data that is most important to you from a list. You can see if a Secret has checkout enabled, has been checked out, or requires approval. You can display friendly names for your server, connection, Secret, or mapped Secret on tabbed connections.
6. How can I integrate Web Password Filler into my Secret management process?
Web Password Filler is a capability of Secret Server that helps users transition from risky browser-stored passwords. It helps business users manage secrets as part of their workflow and admins access those secrets in the central, Secret Server platform.
Now Web Password Filler is even easier to use with a new interface and changes designed to enhance your experience. Check it out to see a new login screen, secrets list, intuitive menus, and more, including the ability to map unrecognized fields on webpages to enable auto-filling of credentials.
If you already have Secret Server, you’ll see these updates automatically. If you’re interested in learning more, we hope you’ll check out the latest version of Secret Server with our demo and sign up for a free 30-day trial.
Keep the questions and the feedback coming!
What does cybersecurity like this cost? Not as much as you think