Skip to main content

Request SaaS Deployment

Contact Sales

Company News

Ekran System Enhances Privileged Access Management: New Workforce Password Management Feature

Share:

At Ekran System, we constantly enhance the capabilities of our platform, ensuring that organizations have effective and up-to-date tools to protect their critical assets. This time, we are announcing the release of the Workforce Password Management (WPM) feature.

This new functionality aims to improve Ekran System’s privileged access management (PAM) capabilities by streamlining password security and management for all users within an organization. This post highlights the key advantages of the existing Password Management solutions and introduces the new WPM functionality.

Ekran System’s Password Management

Our existing Password Management suite provides a comprehensive solution for the secure handling of privileged account credentials which are stored in secrets. Password Management includes the following features:

  • A password vault for the secure storage and delivery of secrets.
  • Automated and manual remote password rotation for mitigating the risks of credentials-based attacks by ensuring regular password changes.
  • Password management for secure access to different types of shared accounts stored in the corresponding Active Directory, Windows, Unix (SSH), Unix (Telnet), Web, and MS SQL account secrets.
  • Password checkout for preventing concurrent use of any secret, and therefore reducing the risk of credentials misuse.
  • Role-based access control (RBAC) for granting users permissions to use and edit secrets.
  • Access approval options for allowing usage of any secret only on approval by an administrator (either always, or only outside of the work hours specified).

To further enhance security and simplify the management of credentials, Ekran System has come up with a new feature – Workforce Password Management. 

Workforce Password Management: capabilities and benefits

Workforce Password Management (WPM) now allows PAM users to create and manage their own private secrets, which are called WPM secrets. These WPM secrets are hidden from all other users except the default “admin” user of Ekran System unless PAM users specifically decide to share them with other users.

To create and manage their own private WPM secrets, PAM users need to do the following:

  1. Open the Ekran System Connection Manager, and click the Add Secret button.
  2. In the Management Tool that opens in the browser, log in as a user with either the Management Tool Access or the PAM User Management permission.
  3. On the Password Management page that opens, WPM secrets and sub-folders can be added to the WPM folder called “My Secrets (<username>)”
  4. Click the Add button to create a new secret (or edit an existing one). 

The secrets added are then displayed on the Password Management page in the user’s WPM folder, as well as in the Ekran System Connection Manager in the user’s WPM folder.

Workforce password management

So each user now has a private WPM folder for their WPM secrets, and users can share any of their WPM secrets with other users.

Role-Based Permissions Model for WPM Users

Role

View

Use

Edit

Share

Owner

Yes

Yes

Yes

Yes

Editor

Yes

Yes

Yes

Yes

PAM user

Yes

Yes

No

No

  • Owners have full control over the secrets.
  • Editors can use, view, edit, and share secrets, but cannot delete them.
  • PAM users can use and view the secrets, but cannot edit, share, or delete them.

The WPM functionality helps streamline business operations and provide a more user-friendly experience.

Benefits of Workforce Password Management

Enhanced security

WPM uses a role-based permissions model, which provides extra control over access to secrets. Additionally, passwords are not only encrypted and stored in a vault but are also now hidden from other users (unless shared with them)​.

A better user experience

PAM users can now conveniently add and manage secrets by clicking a button in the Ekran System Connection Manager. WPM also allows PAM users to create, edit, and share secrets without contacting administrators, which improves efficiency and reduces the burden on IT staff.

Improved team collaboration

WPM allows for the secure sharing of credentials within teams. Users can share the secrets while maintaining strict control over who can view, edit, and use them.

Conclusion

Ekran System’s new Workforce Password Management feature enhances the existing Password Management capabilities by allowing PAM users to create, manage, and share their own secure secrets. This functionality promotes team collaboration while ensuring that sensitive information remains protected but easily accessible to authorized individuals.

For more details on Ekran System’s PAM capabilities and how it can benefit your organization, visit our Privileged Access Management page

Share:

Content

See how Ekran System can enhance your data protection from insider risks.