ManageEngine launches MSP password management tool
Management software firm claims industry first in catering to service providers
Real-time IT management company ManageEngine this week announced the beta availability of the MSP (managed service provider) edition of its privileged password management software Password Manager Pro.
Password Manager Pro MSP Edition allows MSPs to centrally manage the privileged passwords of their clients through an automated, policy-driven approach. This is designed to ensure MSPs are able to offer critical data protection "above and beyond their clients' best practice security guidelines for sensitive information and also helps them demonstrate to their customers that the critical data are being securely handled", ManageEngine said.
MSPs, in particular those managing the IT and network infrastructure of their clients, are swamped by the ever-increasing number of privileged passwords. Without appropriate management tools, this can lead to a haphazard style of password management where administrative passwords, which grant unlimited access privileges on the IT assets, are stored in plain text in volatile sources like Excel spreadsheets, printouts and text documents and insecurely shared among technicians without relevant protection, leaving organisations open to security attacks.
"Identity theft often lies at the root of modern-day cyber attacks," said Rajesh Ganesan, director of product management at ManageEngine.
"Cyber criminals are increasingly targeting login credentials of employees and administrator passwords to gain access to IT resources through various techniques. Since MSPs manage the IT infrastructure for many clients, the risk level is very high, and they are looking for a secure and reliable solution for privileged password management.
"While there are many good enterprise-class privileged password management solutions on the market, they do not cater to the specific needs of MSPs. The ManageEngine Password Manager Pro MSP Edition bridges this crucial gap by offering an easy-to-implement yet affordable password management solution that provides effective security protection to both the service provider and all its customers."
The new edition enables MSPs to manage the passwords of each of their clients separately, from a single management console. Passwords can be securely shared between MSP administrators and their respective customers, making sure that users only get access to the passwords they own or ones that are shared with them. The solution offers the ability to entrust the control of the password vault to the MSP administrator, the end user or both, as desired. The IT policy of the respective organisation can be enforced through automated password resets.
In addition, users requiring access to passwords can be directed to go through password request-release workflow resulting in tighter access controls. All activities with respect to password access are audited, and reports can be generated regarding which user accessed which passwords at which time. When a technician at the MSP leaves the organisation, all passwords accessed by the technician can be automatically changed on remote resources, guarding against potential future misuse.