Many of you joined us for our What’s New in Secret Server 8.6 webinar a couple of weeks ago. For customers who missed it, you can watch the recording here.
Don’t have time for the full recording? Read on for the key takeaways.
Now whenever you create a Secret, you can automatically apply the security settings you already have.
1.) Specify a policy for security settings at the folder or individual Secret level.
2.) When a new Secret is created within the folder it will automatically inherit the security settings previously applied to that folder.
Setting a Security Policy
Imagine your team is already using Secret Server, but now you need to expand it to manage passwords from your San Francisco and New York offices. You plan to import the accounts by using Discovery, csv or a manual import, but you want all the accounts to require Check Out. No problem! Instead of importing the Secrets and having to manually perform a Bulk Operation, now you can automatically turn on Check Out through Security Policies.
Here’s how it works: On the Dashboard, click the Edit Folder icon at the top of your folder column. It is important to note that Security Policy is very similar to Roles in that they can be applied at the Folder or Secret level. In this example, we are going to apply the Secret Policy to the folder.
In the Edit Existing Folder Section, select the Local Administrator Policy you want to apply from the drop down menu and hit save. Now, every time a new Secret is added to the Local Admins Folder, it will automatically inherit the Check Out feature required by the Security Policy
Creating a Security Policy
If you would like to create new Secret Policies, go to the Admin tab and select Secret Policy. Here you will find three already preset Secret Policies, they include:
- Local Administrator Policy: Local Administrator Accounts must have Check Out enabled and a hide launcher password turned on.
- Service Account Production Policy: All production accounts must have Check Out enabled and all sessions must be recorded for the T6 Security Audit.
- Workstation Policy: Accessing an account requires requesting access and entering the reason for needing the credential.
It is important to note that you are able to create and customize your own Secret Policies.
From a theming and branding perspective, one of the key highlights of the UI refresh is our new theme roller. We’ve made it easier than ever to create and customize your own theme, even being able to preview your theme changes in a preview box. Want to learn more about our theme roller? Watch our 2-minute theme roller how-to here.
A Basic View Dashboard has been created for non-IT users to be able to easily secure and manage their passwords. If you are interested in implementing Secret Server to your Marketing, Accounting, Human Resources, and other teams, learn more about configuring the settingshere.
Now, when you create a new user within Secret Server, you can configure the folder setting to enable personal folders. Users will be able to store their own personal work related information securely and will be the only user that can access the folder.
Soft Token Support
Before the 8.6 release, Secret Server supported Radius Authentication and email for 2-factor authentication. Now we offer Google Authenticator support. Users will go through a basic set-up process and have to install the application on their phone. When they login to Secret Server, they will be asked for their username and password and then will be prompted for their Google Authenticator Pin Code. This provides an inexpensive alternative to costly hard tokens and provides even greater security.
The new features of 8.6 are meant to save you time and take away the complexities behind password security management.
Which of the new 8.6 features have you already implemented? Let us know in the comment section below.
Latest posts by Thycotic Team (see all)
- (Video) Are You Following Password Best Practices? - September 23, 2014
- What is a smart grid and why should I care about it? - September 16, 2014
- Infamous Heartbleed Bug Responsible for Over 4.5 Million Patient Records Leaked - September 9, 2014