Imprivata Privileged Access Management Product Update 2.3.201902172217

February 17, 2019

PAM Update: Adds object access report and support for dynamic and pass-through credentials when using native SSH applications

Highlights of this update include Object Access report displaying the list of all users who have access to the selected object and support for dynamic and pass-through credentials when establishing high trust connections to remote devices using native SSH applications such as SSH shell, Secure CRT or PuTTY.

Added Object Access report displaying the list of all users who have access to the selected object

The update adds an Object Access report displaying the list of all users who have access to the selected object with the list of access levels (global role, global permission or an object ALC) and an access path through the local or external user directory group.

The report is available on the object permissions screen and as a drill-down option on the inventory report.

The report answers the basic question: Who can see and do something with the selected object.

In addition to this, the report clarifies how exactly a person has the reported privilege: whether through the active directory group, object ACL or global permission.

Added SSH Proxy dynamic credentials support for the native SSH clients

Dynamic credentials support for native SSH applications allows connecting to the remote computers using credentials specific for the user performing the connection instead of the credentials on the record applicable to all users.

The option allows configuring several privileged accounts shared by different groups of users.

This approach facilitates hardened security IT management patterns such as Red Forest isolating critical infrastructure to be accessed by the account from dedicated user space.

It also improves the precision of end-point access monitoring providing specific account information for different types of access.

Dynamic credentials option is long available for in-browser sessions.

This update brings it to the SSH Proxy providing access to native SSH applications.

Added SSH Proxy pass-through credentials support for the native SSH clients

Pass-through credentials support for native SSH applications allows connecting to the remote computers using personal credentials provided by the user when logging in to the SSH proxy.

This option enables proxying remote connections through the single jump server from the remote locations into the corporate network inside the firewall perimeter using the regular personal accounts from the organization user directory without VPN tunnel exposing all network assets to the outside endpoint.

The pass-through credentials option is long available for in-browser sessions.

This update brings it to the SSH Proxy providing access to native SSH applications.