The Secret Server update allows organisations to rotate Secret Server's master encryption key on demand. Individual secrets housed within the vault can also be rotated for additional protection.
It also streamlines the use of jump boxes to protect access to critical resources, as a single key can be used to to navigate an entire route from launch, to jump box, to destination within a single session instead of having to inject unique credentials at every connection point. The end-to-end route can be launched from Secret Server or the Connection Manager session management tool.
Other new features include the automatic check-in of secrets for API connections after expiration (with the option of extending the check-out duration), and interface enhancements (logging and reporting, improved keyboard navigation, and screen reader hints).
|
|
"Our continued focus on decreasing the steps required to safeguard secrets reduces the workload on security administrators and the attack surface area," said ThycoticCentrify senior vice president of product management Jon Kuhn.
"As an example, our master encryption key rotation capability is simple to implement and provides an additional layer of protection to block external actors from gaining access to all the other keys stored on the platform."
The latest version of Secret Server can be downloaded here.
