AccessMatrix™ Universal Credential Manager (UCM)
AccessMatrix Universal Credential Manager (UCM) provides the security and management solution to address the major vulnerabilities and operational challenges faced by organizations in:
- Managing the storage and retrieval of privileged IDs and Passwords during normal operations and emergency situations for accessing enterprise information resources, e.g. database, critical servers, network devices and etc
- Avoiding hard coding of clear text IDs and Passwords in applications and command files for accessing enterprise information resources, e.g. database connection pools in applications servers and database scripts for accessing data in databases.
AccessMatrix UCM overcomes the above limitations by providing a secure password repository with a management infrastructure and interactive access with workflow approval for authorized users to retrieve the privileged passwords during emergency or support requirements. Some of the key features include:
- Lack of authorization check to ensure that only authorized staff is able to access the passwords;
- Lack of Audit Trail for password change, check in and check out;
- Lack of enforcement of normalization after the password has been checked out;
- Physical constraints for remote access from different locations;
- Access control for specific credentials;
- Audit Trail and reporting for critical activities;
- Strong Authentication with multi-factor authentication support;
- Workflow approval;
- Auto Password Update to target resource e.g. database, servers, etc;
- Flexible APIs for integration with external workflow software.
UCM enables organizations to retrieve user IDs and passwords for specific applications during run time so that the user credential information does not need to be hard-coded in applications or command files.
UCM provides two integration approaches that enables software developers to rapidly integrate their applications with UCM:
- Application APIs - A set of flexible and simple APIs retrieves the current IDs and Passwords from the UCM server.
- Command line utility (UCMRun) - Enables dynamic replacement of IDs and Passwords in command files with no coding effort.
FEATURES AND BENEFITS
Patented technology - Hierarchy model for Administration and Delegation of Credential Management
Enable organizations to control the administration rights of the local security administrators by defining at a granular level to improve security and reduce administration costs
UCM provides a built-in workflow to enable administrators to perform self service to retrieve confidential credentials and it also tracks credential owners in performing password reset after the credential information has been used.
Policy Driven Approach facility to enforce automatically enterprise-wide security policies governing passwords, authentication methods, time and access restrictions
Enables organizations to apply consistent security policy across the organizations based on the defined security policy
FIPS Certified HSM for Key Management & Crypto Processing
Enables organizations to protect their confidential information stored inside the AccessMatrix security registry using FIPS Certified HSM devices
Maker / Checker Controls
Enables organizations to achieve accountabilities in performing security sensitive tasks in managing the security infrastructure and avoid any potential security exposure
Scalability & Availability
UCM provides the scalability and high availability features by running multiple instances of the AccessMatrix server components across multiple servers to Enables organizations to achieve better system up time and minimize unplanned system downtime
Flexible APIs and Secure Utility for dynamic replacement of ID/PWD parameters
Enable organizations to have quick deployment to address the password challenges
Secured Audit Log and Activity Reporting
UCM provides the logging features to record all events to Enables organizations to provide auditors with complete audit trail information and reduces the time in consolidating information for credential management
Least Privilege and Segregation of Duties among various Admin Roles
Enables organizations to deploy the UCM solution without a super user and limit the scope of the security administration rights to the segment and subordinate segments and avoids any potential conflict of interests