ARCON is a leading technology company specializing in risk control solutions. It offers a proprietary unified governance framework, which addresses risk across various technology platforms. In the last decade ARCON has been at the forefront of innovations in risk control solutions, with its roots strongly entranced in identifying business risk across industries. It is in a unique position to react with innovative solutions and products.
The access to systems, databases, servers and applications through privilege user accounts as well as the password management of these key user accounts is emerging as the most important challenge in today's IT environment, where flexibility in access with quick resolution of issues is of utmost importance to business.
Typically, password policies for privileged IDs are very strict. The policies require those passwords to be changed at very short intervals, and sometimes use password strength policies that require people to write down the passwords. Those guidelines can make password management even more costly and risky.
Further the passwords are required to be manually changed on every system and printed on envelopes, with physical register for managing the access to the envelopes and reprints. If this is compared to a scenario where there is more than 2000 database, 2000 operating systems etc. The time and efforts will be significant but would still not ensure secure password management processes.
Other organizations recognize this account management overhead and try to avoid it by simply sharing privileged passwords among the teams that require them. This method puts any organization in a very precarious situation, with sensitive credentials being both poorly secured and lacking an ability to trace actions to a single person. Managing privileged passwords are one of the most important challenge in today's shared IT environment.
The increasing focus of regulatory compliances like SOX, PCI, HIPPA, ISO etc has left organizations with no alternative but to implement automated solutions that address these challenges comprehensively.
Our solution provides a security blanket that sits on top of all Operating Systems & Databases. All IT Administrators like Sysadmins, Database Administrators, as well as Application Administrators are allowed to logon to their respective systems only by using a unique user-id & password and OTP (one time password) provided to them. Once logged in, view/modify access is provided on "need to know" and "need to do" basis. Further, activities carried out are recorded and complete audit trails are maintained. The solution provides a secure umbrella around the data stored in various systems.