Sectona has released version 3.7 of its Privileged Access Management components, with a host of new enhancements, performance improvements, and new features to create a scintillating user experience. Here are the highlights:
Enabled Just-In-Time Access feature:
We have included a Just-in-Time (JIT) feature to support customers' programs for implementing Zero Standing Privileges. With this feature, customers have the option to enable JIT accounts.
The Just-In-Time policy management feature allows a combination of Least Privilege approaches by removing standing privileges and granting scope-defined access to an asset for a defined period only.
Once an asset is enabled for JIT access, a policy can be enabled to enable/disable accounts, provision access using ephemeral accounts at run time, or elevate an account at run time. Combining these allows you to customize policies based on business needs.
To implement this feature, refer to Asset Management settings.
RDP File Transfer Support:
With the onset of the pandemic, more organizations have shifted their workforce to a remote environment. Many of them have adopted the Remote Desktop Protocol (RDP), where a user connects to another device remotely using a graphical interface. Earlier, Sectona supported Secure File Transfer from one device to another only during Launcher-based RDP sessions. Sectona now supports File Transfer over Browser-based RDP sessions with a comprehensive enhancement and extensive support, ensuring a seamless and enhanced experience.
Enhanced Security with Password Notification:
As a critical parameter for gaining access to organizational resources, passwords have to be safely guarded and protected against human errors such as setting a simple password, using the same password for multiple resources, or sharing it with others. These mishaps create a weak link exploitable by cyber attackers and can be avoided by frequently changing the password, ensuring effective password management. The user receives a notification whenever there has been a password change on their account, in the following two instances:
User File Sharing Permissions:
Sectona has adopted the principle of Least Privileged Access, confining users’ access to a minimum and restricting their permissions to only the resources required for their task. Following the same principle, Sectona has added two new permissions to the user access policy, applicable to all session types: “Allow File Upload” and “Allow File Download”. An administrator can control access permissions for a user’s session by configuring the user access policy, ensuring that the user is confined to the necessary permissions only.
Reporting & Dashboards:
Governing access and monitoring session activities can be a daunting task. Analytical dashboards and custom reports create an intuitive and simplified user experience that is helpful during analysis and auditing processes, and an administrator can export them to an Excel or a PDF file. Adding to the existing list of reports and dashboards, below are a few more that will help safeguard and secure the access paradigm in the network infrastructure.
New System Default Additions:
System Defaults are pre-defined values for the configuration of Application Services that define the workflow/operability, and which the user can modify. Sectona has added a few improvements to the system defaults, detailed below:
AWS Token SSO using Microsoft Edge browser:
AWS Token-Based Authentication is an encrypted and secure form of authorization, accommodating two types of users, Root user and IAM user, to work on their specific tasks. They are solely responsible for safeguarding their secrets for access to the AWS Management Console. With Sectona facilitating AWS Token-Based SSO support in the built-in browser, a new system-defined access type has been added that connects to the Microsoft Launcher and opens AWS Token-Based SSO in the Microsoft Edge browser.
Improved Session Video Log Player Functionality:
Sectona’s Video Session Logging records activities across different session types, from RDP, SSH, Telnet, and browser-based sessions to thick-client-based sessions, as well as RDP and SSH-based browser sessions over the internet or via a jump host at different capacities. This functionality provides granular visibility into the activities so that auditors and administrators can perform a detailed analysis and design risk mitigation strategies. Adding to the existing functionality, Sectona has introduced a video playback speed feature in the session video log player that lets auditors go through files of enormous length at a faster speed of up to 32x, or slow playback to 0.5x for a detailed analysis of an event.
Improved App Service Configuration Settings for Ad-hoc Operations:
Application Services are a pool of services that interact with and adapt to the environment around the application, ensuring the performance and security of the applications they support by driving traffic in response to environmental stimuli. To enhance the Application Service user experience, Sectona has added two new options in the App Service Configuration UI.
A “Settings” option next to the log option associated with an application service shows configuration information for related application services and system default values such as auto start and trigger interval. A “Run Now” option triggers the application service immediately if it takes time to run after starting or is not running, thereby improving the performance and operability of the Application Service.
Reinitiate Vault Replication with Fallback and DR:
Sectona has adopted a series of best practices to achieve a High Availability service with minimum downtime and maximum potential uptime, ensuring the system is always accessible to its users without any interruption. Sectona PAM offers multiple High Availability scenarios and options to design a strategy for your solution, comprising Fallback and DR instances. Acting as a failure response mechanism, HA prevents systems from going down when a component or server fails on the Primary Node and recovers normal operations with minimal or no data loss using other nodes that replicate the Primary vault.
If there is any interruption or outage during replication, the whole synchronization process starts again by erasing the data and replicating it from scratch, which becomes a tedious process. Sectona has added a new action option, “Re-synchronize Now”, to the vault nodes except the Primary Node. It helps reinitiate vault replication from the point of interruption, ensuring an optimal HA strategy implementation for your environment.
Reinitiate Vault Replication with Fallback and DR:
The Satellite Vault is a standalone module of the Sectona PAM platform, synchronized and securely replicated in real time with the Sectona ‘Password Vault’, activating passwords and secrets of accounts in case of unavailability of the Password Vault and ensuring business continuity. Whenever the server starts, only secrets of existing assets in the Satellite Vault are updated. Sectona has enhanced this feature to allow synchronization of existing and new assets and their secrets in real time, ensuring the user has the necessary access to carry on their daily routine by maintaining the latest copy in the Satellite Vault.