Delinea Secret Server
Delinea, a cybersecurity provider born of the 2020 merger between Thycotic and Centrify, is a specialist in providing enterprise-level access management solutions. Secret Server is Delinea’s privileged access management tool, designed to help organizations monitor, manage and secure access to their most sensitive corporate databases, applications, hypervisors, security tools and network devices. Secret Server offers a range of powerful security features as well as robust session monitoring and auditing tools, to help businesses protect company data against account takeover attacks and ensure compliance with data protection regulations.
Secret Server stores all privileged credentials in an encrypted, centralized vault that users can only access via a two-factor authentication process. Once verified, users can only view the passwords they need to be able to do their job, as assigned by admin-configured access controls. From a centralized management portal, admins can provision and deprovision privileges for just-in-time access, as well as configure policies for password complexity and credential rotation. This eliminates weak and static passwords, reducing the risk of password theft. Admins can also set up a custom workflow to delegate access requests, including for third parties. Powerful session recording capabilities enable organizations to monitor privileged activities, both to ensure compliance and to detect the source of any fraudulent or suspicious activity.
Secret Server is available to deploy on-prem or in the cloud via two packages: the Professional package offers an encrypted password vault with AD integration, auditing and reporting, and CRM, SAML and HS integrations; the Platinum package offers all of the above, plus approval workflows, Unix protection, advanced scripting and disaster recovery. Overall, Delinea’s Secret Server is a strong solution for enterprises looking to secure and centrally manage access to their critical systems, accounts and applications, both to prevent account takeover attacks and to ensure compliance with federal and industry data protection standards.