Re: Password Vaulting

[Russell Fulton <r.fulton () AUCKLAND AC NZ>]

we use Thycotic's Secret server and are very happy with it.  We
address the availability issue by having two separate servers (in
different campuses) and syncing the database every 5 minutes.  The
database is also backed up daily and could be restored to a laptop if
need be (this is the ultimate disaster recovery scenario).

The access to the webserver on which the app runs is controlled via
Secureid.

We provide this service to all IT groups on campus.

We feel that this system is an order of magnitude more accurate and
secure than the paper based system that it replaced.  SS will now
change passwords for you too (but we have not yet tested this).  It
will should make the 3 monthly change of root/administrator passwords
*much* quicker.

Russell


On 7/10/2008, at 9:53 AM, Jerry Sell wrote:

> We are trying to get electronic vaulting of root and root equivalent
> passwords in place. We are receiving kickback from upper management,
> because they are not comfortable with the technology.
>
> If you are currently using electronic password vaulting we would
> appreciate a response. We would like to know what product you are
> using, is it successful, any horror stories, would you recommend it
> to others.
>
> Thank you,
>
> Jerry Sell, CISSP
> Security Analyst
> Brigham Young University
> (801)422-2730
> Jerry_Sell () byu edu

Attachment: smime.p7s
Description: