control concurrent privileged access to sensitive IT resources
|In enterprises, quite often, many administrators might be accessing a system in production environment concurrently. They might be attempting to carry out conflicting operations, unconnected tasks or even trying the same activity
In the absence of proper planning and coordination, such concurrent access on IT resources could affect the integrity of data/information, lead to conflicts, duplication of effort and a host of other issues. For instance, two administrators might be attempting registry edits on the same system concurrently. Conflicts during this operation might lead to serious damages.
In other cases, for certain sensitive IT resources in production, there might be requirements to grant exclusive, time-limited access to a particular administrator. During that period, no one else should be allowed access to that resource. It will be very difficult to achieve the above objectives without the help of a proper tool.
Controlling access to privileged passwords
One of the best ways to tackle this scenario is to control the access to privileged passwords and thereby check access to the resource. You can deploy a Shared Account Password Manager and store all the administrative passwords in a centralized repository. Administrators can be granted access to the passwords strictly based on their job responsibilities and requirements.
Password Manager Pro from ManageEngine provides a perfect solution to control concurrent access to resources and also to grant exclusive, time-limited access to administrators selectively.
The 'Access Control Workflow' feature of Password Manager pro helps achieve Concurrency Controls with ease. A specific password could be made available for the exclusive use of a particular user for a specified time during which, no one else, including the owner of the resource would be allowed to view the password.
For Example, if you specify the time period as two hours, the password would be made available exclusively for that user for two hours. Others cannot view the password during that period. After the specified time period, the password would become void and will not be available to the user. In addition, the password will be automatically randomized. Later, other users will now be able to view the passwords thereafter. In case, an emergency need arises to revoke the exclusive permission to the user, administrator can forcefully check in the password at any point of time.
For more, visit password management