Security Basics mailing list archives
RE: NOC password management
From: "Cornwell, Kay (NIH/NIGMS) [E]" <CornwelK () nigms nih gov>
Date: Wed, 14 Mar 2007 19:20:11 -0400
If you have some money, this system has lots of promise. We've got it but have not finished implementation http://www.e-dmzsecurity.com/ Look at PAR - hardware based system Can automatically change AD system/resource passwords If you authorize someone access to an account they can sign in and retrieve a password - you can then have the password on the device change (think it will also do UNIX) so essentially you have a one time password. An automated, appliance-based solution Automatically generates, updates, and checks admin passwords Contains a dual-control release mechanism for regulatory compliance Protects passwords during transmission and while in storage Ubiquitous, secure password accessibility Secure File Storage & Release Controls I don't usually deal with the financials - so I don't know how much it cost but for a medium to large environment I expect it would pay for itself very quickly. Kay Cornwell, MS, GSEC, GSLC, GSAE NIGMS ISSO NIH Bethesda, MD -----Original Message----- From: List Subscriptions [mailto:lists.canuck.eh () gmail com] Sent: Wednesday, March 14, 2007 10:20 AM To: security-basics () securityfocus com Subject: NOC password management As the security administrator I constantly get complaints from the network admins about how hard it is to remember all the passwords. What are the best practices for enterprise password management? What products are available? They came to me with Mandylion labs password management token ( http://mandylionlabs.com/). Has anyone used this product or have any insight into the best solution? Thanks in advance
Current thread:
- NOC password management List Subscriptions (Mar 14)
- Re: NOC password management Tremaine Lea (Mar 15)
- Re: NOC password management Soumen Paul (Mar 15)
- Re: NOC password management FocusHacks (Mar 15)
- RE: NOC password management Cornwell, Kay (NIH/NIGMS) [E] (Mar 15)
- Re: NOC password management Ryan Chow (Mar 15)
- <Possible follow-ups>
- Re: NOC password management sbkchk (Mar 15)