Universal Credential Manager (UCM) is a Next Gen Privileged Account Activity Management (PAAM) solution with agentless connectors, visual recording and SSO integration

AccessMatrix™ Universal Credential Manager (UCM) provides a virtual password safe deposit box with strong encryption using HSM devices to store privileged account IDs and passwords (aka credentials). UCM provides the security features to address the major audit and operational challenges faced by organizations in managing credentials and its session activities. The common challenges are:

  • Manual Management of IDs and Passwords
  • Lack of Privileged Session Activities Tracking and Control
  • Hard-coded Privileged IDs and Passwords in batch jobs and applications
  • Provide forensic trails and visual recording of privileged access to critical servers and computing resources

What Does UCM Offer?

Privileged User Access (PUA) Module: UCM provides a secure approach with multi-level approval flow and empowers organizations to manage security administrators to retrieve and deposit privileged credentials. This enables authorized users to check in and check out privileged credentials to perform their duties or during emergency situations.

Interactive features include:

  • Flexible access control for credentials based on reporting hierarchy
  • Audit trail with command captures and video session recordings
  • Strong authentication with multi-factor authentication support
  • Multi-level dual control workflow approval
  • Manual, single-sign-on or auto login into target resource after check-out
  • Automatic password management using agent-less technologies
  • Flexible APIs for integration with external workflow or ticketing software

Privileged Session Manager (PSM) Module: UCM provides add-on Windows RDP Gateway Recorder and set of network protocol Proxy Modules to monitor and record privileged sessions. It supports video recording playback for forensic analysis. It also supports command access control for selected protocols.

Application Password Manager (APM) Module: UCM enables organizations to retrieve user IDs and passwords for specific applications during run time so that the user credential information does not need to be hard-coded in applications or command files. UCM provides two integration approaches:

  • Application APIs – a set of flexible and simple APIs retrieves the current IDs and password from the UCM server
  • Audit Password Consumers – Enables dynamic and transparent replacement of IDs and Passwords in command protocols such as JDBC, ADO.NET, Windows and Unix scripts

Key Features :

Flexible and Fine-Grained Administration

  • Patented Hierarchy Model for
  • Administration and Delegation
  • Policy Driven Approach
  • Maker / Checker, Least Privilege and Segregation of Duties among various Admin Roles

 

Ease of Deployment and Manageability

  • Grouping of credentials for easy of administration
  • Bulk import of target resource information
  • Integration with existing user directories
  • Auto Account Discovery

 

Securing Privileged Access

  • Customized Approval Workflow and credential management
  • Command filtering to restrict administrator activities
  • Single Sign-On to target resources without revealing the password
  • Strong Authentication using 2nd Factor Authentication to access target resources

 

Comprehensive Audit Logs and Detail Reporting

  • Session logging using visual recording and text-based audit logs
  • Secured Audit Log and Activity Reporting

 

Advanced Security Features

  • FIPS Certified HSM for Key Management
  • Comprehensive APIs for customization

Key Benefits:

  • Improve IT reliability and reduce operational costs and complexity
  • Scalable and reliable Common Authentication Platform with bank grade security for handling Complex Authentication Requirements, Access Control, Tamper-evident Audit Storage and Credential Vaults
  • Detailed accountability with visual recording and text based audit logs
  • Provides Centralized Management Console to Manage Privilege Accounts End-to-End and Unified Reporting
  • Simple integration and deployment with options for plug-able customized module