FISMA News

Cloakware Provides Enterprise-Grade Password Management Solution

(Sept 24, 2008)-- Cloakware, the provider of proven software solutions for securing business applications and digital assets, announced the immediate availability of Cloakware Password Authority 4.0, the only enterprise-grade solution to automate the lifecycle management of privileged passwords in the datacenter. Cloakware Password Authority 4.0 (formerly Cloakware Server Password Manager or CSPM) enables business and government IT operations to meet strict Governance, Risk Management & Compliance (GRC) requirements by enforcing policies and regulations on who and what can access sensitive data and IT infrastructure, eliminating the often overlooked risks of unmanaged hard-coded system administrator (Administrator) and application-to-application (A2A) passwords and increasing operational continuity.

Password Authority is the first privileged password management solution architected from the ground up to meet the demanding requirements of large global IT operations. Providing customers with the choice of operating system platforms, including HP-UX 11, Solaris, Windows and Linux for the management server and a choice of secure repository, including Oracle, DB2, Sybase, Microsoft SQl Server and MySQL, Cloakware offers the greatest flexibility for conforming with the standards already adopted by customers. Cloakware Password Authority scales to manage millions of A2A and Administrator passwords across multi-site, heterogeneous IT environments. It supports high-availability techniques such as load balancing, clustering, failover/failback, data replication and verification, multi-site deployment, multi-homed access and secure local-caching to ensure that credentials are available when they are needed.

“Wipro Technologies is committed to continually providing its customers with the best security solutions the market has to offer,” said Prasenjit Saha, vice president, Enterprise Security Solutions Practice, Wipro Technologies. “Cloakware Password Authority reduces the cost, risk and difficulty of meeting tough IT compliance requirements while maintaining business continuity. The benefits of automated password management will enable our customers to stay one step ahead of this emerging threat that lurks in every organization thus eliminating potential issues before they arise.”

Risk mitigation is about applying the appropriate security techniques to address the threats that have been identified against an organization’s systems. With Cloakware, critical information like passwords, keys and business logic are protected while on disk, in memory and on the network. Password Authority employs many layers of defense and many security techniques not available in competitive offerings, including data and control flow transformations to help protect against both static and dynamic analysis attacks. Password Authority leverages Cloakware’s deep expertise in encryption and software protection techniques to ensure that credentials remain protected at every stage of their use.

In addition to offering increased scalability and performance for the largest IT operations, Cloakware Password Authority 4.0 enhances usability and workflow with a new browser interface that enables even novice and occasional users to manage passwords efficiently and confidently.

“Our customers are becoming increasingly aware of the security threats posed by unmanaged privileged passwords in their datacenters,” said Thomas Fink, managing director, Digital Hands. “Cloakware Password Authority is the only enterprise-grade solution that addresses these threats securely, easily and quickly while at the same time, not interfering with their organization’s day to day business.”

“In most organizations, sensitive passwords are often widely known and shared among administrators, hard-coded into applications and scripts and rarely, if ever changed. Regulations like PCI-DSS, FISMA and HIPAA are requiring that privileged passwords used in IT operations be managed throughout their lifecycle. Cloakware Password Authority can manage those passwords and satisfy the complex GRC requirements while making sure there is relatively no network downtime,” said David Canellos, COO and president of Cloakware.

Password Authority is built on Cloakware’s proven software security tools which protect over one billion deployed applications. It can be deployed on Linux, Unix or Windows server systems across geographically dispersed datacenters with integration to a wide range of leading data base products from Oracle, IBM, Sun MySQL and Sybase. Further extensibility is provided through a strong set of connector technologies to interface with a variety of third party systems (Cisco routers, helpdesk systems, application servers, etc.). Password Authority is architected for today’s data intensive businesses with granular auditable policy enforcement and high availability in heterogeneous environments.

Cloakware Password Authority 4.0 provides unique credentials for each administrator and A2A account, minimal role entitlements, frequent password updates and strong passwords to eliminate risks. Password Authority replaces the error-prone manual processes with robust, automated policy-driven processes that ensure the continuity and security of IT operations. The issue of compliance becomes even more complex in the face of mergers or downsizing which require the creation of new passwords or the de-provisioning of existing passwords. To do that manually and keep track of it is virtually impossible.

For more information, please go to www.cloakware.com.

Share or bookmarklet this web page at: