Passlogix(R), Inc., today announced v-GO(R) Shared Accounts
Manager(TM) (v-GO SAM), a new module in its v-GO(R) Sign-On
Platform(TM) that offers an industry-first approach to managing access
to privileged accounts. v-GO SAM leverages v-GO´s enterprise single
sign-on capabilities and its interoperability with identity management
and strong authentication systems to close the security gaps
associated with shared credentials, offer new capabilities that aid
regulatory compliance, and eliminate the need for a dedicated vault
system for shared account management.
v-GO SAM enables credentials to be securely shared by multiple
users such as system administrators who must access privileged
accounts, workgroup members who must share a pool of generic accounts,
and temporary workers or contractors who must be issued temporary
generic accounts. It interacts with v-GO Single Sign-On (v-GO SSO),
the core application in the v-GO product suite, to receive and respond
to requests for credentials.
With v-GO SAM, a user requiring access to a privileged account
makes an online request to check out a specific username and password
from a central container dedicated to shared accounts, usually located
in a corporate directory such as Active Directory. The request is
approved or denied based on the user´s role and group membership in
the corporate directory and/or an approval workflow in the
enterprise´s identity management system.
The system then issues the username and password, subject to
policy-based usage controls such as a two-hour credential expiration
or a limited number of logins. The user never sees the password so it
can never be shared with anyone else. After expiration, the username
and password are automatically deleted from the user´s credential
store and checked back in to v-GO SAM. Usernames and passwords cannot
be checked out to multiple users simultaneously, thus establishing a
single point of accountability for all activity on the target system.
Instead of buying a separate hardware or software vault system to
administer shared accounts, v-GO SAM allows organizations to use their
existing enterprise single sign-on (ESSO) infrastructure and identity
provisioning systems to address the challenge of privileged account
password management and compliance. System administrators can now
manage both conventional and shared credentials with a common strategy
and infrastructure.
v-GO SAM´s integration with Passlogix´ ESSO technology also makes
the product:
-- The first solution with an identity-centric architecture that
relies on a user´s identity and optionally, an identity
management system, to govern the usage of shared account IDs,
This makes it possible to associate credentials to a unique
individual for accountability purposes.
-- The first solution that hides credentials from the end user,
eliminating the threat of password sharing, associated
accountability problems, and the possibility of passwords
getting into the hands of non-privileged users.
-- The first solution that can require use of a strong
authentication device in order to sign-on to the privileged
account, providing an additional layer of security.
These features offer significant advantages for organizations that
must comply with regulations such as Sarbanes Oxley (SOX), the Health
Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach
Bliley Act (GLBA) and Payment Card Industry (PCI) requirements
governing data security.
In the case of PCI, for example, v-GO SAM aids compliance for
merchants and service providers handling credit card information in
part by fulfilling the requirement that each user accessing system
components or cardholder data be identified by a unique user name. The
combination of the unique identifier required for v-GO logon
(typically the Active Directory user ID) and v-GO SAM´s
one-password-at-a-time policy helps meet that mandate and protect
payment card processors against serious PCI-related penalties.
"Managing accounts with shared privileges has become an issue of
growing concern in the face of security breaches and regulatory
mandates. Malicious users can steal, change or delete data, and it
would be impossible to pinpoint the culprit," said Stephane Fymat,
vice president of strategy and product management, "v-GO SAM offers a
new ESSO-based model for privileged account management that provides
significant security, compliance and administrative benefits by
extending the principles and infrastructure of single sign-on and
identity management to encompass shared accounts."
v-GO SAM is the latest add-on product to the core v-GO single
sign-on platform. Five other modules extend v-GO´s single sign-on
capabilities to any form of strong authentication and to kiosk
environments; enable all identity provisioning systems to
automatically inject user credentials into v-GO SSO; permit
self-service reset of forgotten Windows passwords; and centralize
management of strong authentication devices. The platform has sold
more than 6 million licenses to organizations around the world.
v-GO Shared Accounts Manager is scheduled to be released in Q1
2008.
Separately today, Passlogix announced an industry-first v-GO On
Demand Edition that simplifies enterprise single sign-on deployments
for both administrators and end users by enabling the client software
to be accessed with a simple click on a link. This unique deployment
strategy allows organizations to extend single sign-on to remote users
and to install ESSO on a USB memory stick for use with any computer,
broadening ESSO´s reach to users previously unable to benefit from the
technology´s password management capabilities. For more information,
visit www.passlogix.com.
About Passlogix
Passlogix is the developer of the v-GO Sign-On Platform, the
market´s most robust, scalable and easy-to-deploy enterprise single
sign-on platform with successful installations in hundreds of
organizations of all sizes and in all industries around the world. The
company´s patented intelligence-based technology eliminates lengthy
and expensive implementation cycles, and provides rapid return on
investment, by adapting to any existing infrastructure without the
need for custom coding or replacement of legacy hardware or software.
Founded in 1996, Passlogix is headquartered in New York City with
sales offices throughout the United States, United Kingdom, Hong Kong
and Singapore. For more information please visit
http://www.passlogix.com/
Copyright (C)2007 Passlogix. All Rights Reserved. All trademarks,
trade names, service marks, and logos referenced herein belong to
their respective companies. For more information please visit,
www.passlogix.com.
