What is it? Why is it Crucial?
A Privileged Access Management (PAM) Solution caters to securing the sensitive credentials of the privileged users in an organization. The solution supports business-critical applications requiring continuous availability and reduced downtime through embedding High Availability technology consisting of groups of servers that provide continued operations, thus eliminating single points of failure. To ensure continuity, organizations typically facilitate a DR in an offsite location, which is not an ideal solution for emergencies like a Break Glass Scenario.
A Satellite Vault is a secondary vault, configured in the same network as the primary vault on a secure, isolated machine made accessible to users at the time of Break Glass Scenario.
It reduces the number of instances to ensure high availability of applications and creates offline password storage with limited and secure resources. It is a stand-alone module that securely replicates passwords and secrets from your primary vault instance to other instances. Users can enable the satellite vault if the primary vault is unavailable during unplanned downtime, system faults, data errors, or site outages.
A Break Glass Scenario metaphorically depicts a situation of smashing the glass of a fire alarm and immediately getting the necessary help in case of a disaster. Extending the analogy, in terms of Privileged Access Management, a Break Glass Scenario refers to an emergency where the business processes critical to the functioning of an organization are at a halt with no way for users to restore them online, leading to outages and business ramifications.
Break Glass Scenarios can be caused by a network outage, application fault or a natural disaster. These outages can disrupt the regular operability of a PAM Solution when deployed in a standalone or single-site mode; users perform a Break Glass checkout or reset of credentials when they need immediate access to restore normalcy from the outage situation.
The common Break Glass Scenarios where credentials are recovered from a secure location are:
When emergencies arise when direct access to PAM System is blocked, gaining access out of the purview of the standard operating procedures
When sophisticated IT systems and environments fail despite numerous levels, protections, and redundancy, Sectona uses the Vault to sync User passwords on a real-time basis, ensuring that the user has access to the system 24×7. Therefore, in case of vault failure, the user can acquire a password with the help of the Vault and can access the system.
As a best practice, the Vault should be set up on a secure machine (workstation/laptop) on the same network as Password Vault. In addition to this, service related to this vault should be ON and running in PAM – this ensures real-time sync of the passwords.
When the Satellite Vault service is active, the Password Vault sends a copy to ‘Satellite Vault’ whenever it is changed according to the password rotation policy to keep the most up-to-date copy of the privileged account passwords.
Now, let’s take the scenario of unplanned downtime. Let us suppose that due to an unexpected shutdown, the users are unable to access the system. In this case, the user will need to use the security key provided by the administrator to access the credentials. The security key verifies the user’s legitimacy and authenticity at the satellite vault level. It includes authentication at vaults without requiring a separate database or authorization source, such as Active Directory, typically unavailable in disaster situations.
Users with administrative rights can copy their Profile key into the Satellite Vault system using Windows login credentials. Admin user has privileges to generate the security key by logging into their primary vault profile.
User authentication is based on a security key for accessing passwords/secrets at the vault level. The vault uses key-based authentication rather than an authentication database to recognize a user.
A Security Key generated from the User Profile will be required to log in to Satellite Vault. To log in correctly, the administrator must sync the users’ profiles with their accounts. Only after the sync is complete should users download the Security Key. The user must upload the key to the vault to log in.
The company wanted to digitize this process and introduced Sectona’s Satellite Vault (as a digital vault) and stored credentials in the PAM vault.
With this step, the credentials got replicated to the satellite vault with the same level of encryption. It also ensured that access to employees in the organization during a Break Glass Scenario was restricted and reduced the time-consuming process of manually storing login credentials on an envelope.
It is essential to define how and where you place Satellite Vault, and this must be one of the crucial design decisions in planning your business continuity.
Related Reading: How to Securely Store and Retrieve Privileged Credentials?