IBM® Security Privileged Identity Manager helps mitigate insider threats by centrally managing and auditing the use of privileged access credentials across systems, applications, and platforms. IBM Security Privileged Identity Manager is available as a virtual appliance. The new Privileged Session Gateway function supports agent-less access to shared credentials, in addition to the existing agent-based and manual credential access, providing users greater flexibility in choosing privileged activity controls.
Together, the virtual appliance platform and the Privileged Session Gateway make IBM Security Privileged Identity Manager simple to install and manage. The optional Privileged Session Recorder tool records privileged user endpoint activities for improved visibility and security compliance.
Another optional component, IBM Security Privileged Identity Manager for Applications, secures databases, applications and scripts by eliminating the use of hard-coded, clear text passwords in applications.
IBM Security Privileged Identity Manager:
- Provides centralized privileged identity management to address insider threats, improve control and reduce risk
- Reduces costs and overhead by providing faster time to value
- Addresses compliance, regulatory and privacy requirements
- Provides automated password management and single sign-on to protect access to enterprise resources
Provides centralized privileged identity management
- Manage the provisioning, updating and recertification of privileged identities throughout the user lifecycle
- Gain cross-enterprise visibility to privileged user activity via integration with IBM Security QRadar
- Supports management of IBM SoftLayer® administrative accounts from an on-premise IBM Security Privileged Identity Manager environment
- Control check-in and check-out of shared identities from an encrypted Credential Vault
- Improve security and compliance by logging, auditing and reporting on users with privileged credentials
- Better protect and monitor access to databases and other sensitive data sources by integrating with IBM Security Guardium
Reduces costs and overhead
- Reduce costs and overhead by providing faster time to value with a scalable virtual appliance deployment
- Streamline the loading of privileged user credentials into an encrypted Credential Vault
- Improve ROI using common identity management and support for applications and resources
- Seamlessly checkout and use privileged credentials using a web browser interface without installing any agent software on the end user’s desktop using the Privileged Session Gateway functionality
Addresses compliance, regulatory and privacy requirements
- Create a permanent, detailed record of privileged user endpoint activity with Privileged Session Recorder option
- Capture both how a privileged identity was used and what a user did with it
- Configure to enforce strict check-in and check-out of a pool of shared accounts to help ensure accountability
- Record steps of authentication and privileged account actions in a detailed audit trail
Provides automated password management and single sign-on
- Eliminate the need for privileged users and shared accounts to share passwords
- Offer timed automatic check-in that gives users a limited time to use a privileged identity
- Provide single sign-on for each user in the group to a designated shared account—even as the password is updated
- Allow users to request access to a privileged account using shared identity services
- Password resets upon check-in help eliminate password theft and reuse—and provide a self-service interface for users to optionally check-in and check-out credentials and view passwords
- Built-in integration with IBM Security Access Manager allows an organization to leverage all the strong authentication mechanisms provided by Access Manager