Security software provider, Cyber-Ark(r) Software Inc., released two new applications to allow administrators to archive passwords and change them from remote locations via a centralized system.
“The risks related to embedded accounts has now become a focal point for those responsible for ensuring compliance” said Calum MacLeod, Cyber-Ark European director. “There are literally tens of thousands of publicly accessible applications, from internet banking, government applications, healthcare, etc., that are simple to exploit because developers are either using default settings, or relying on pre-packaged scripts available on the web.”
The Enterprise Password Vault allows all passwords to be securely archived, transferred, shared and managed by authorized users, creating a centralized credential management infrastructure.
The Central Password Manager module enables organizations to change passwords automatically on remote machines and store the new passwords in the Vault, without human intervention and in accordance with organizational policies. Being able to manage embedded accounts allows the software to remove hard-coded passwords from all scripts and code, encrypt stored passwords and control all access to credentials by application or support staff.
“These embedded accounts are an often overlooked security concern,” said Udi Mokady, Cyber-Ark President and COO. “Managing these passwords has become a logistical nightmare for IT departments.”
According to Cyber-Ark, passwords are often hard coded within applications, so resetting them becomes a complex process involving changes to application code, compilation and in some cases a long process of transferring the code.