Password Spreadsheet Manager

The majority of enterprises today typically store their most critical passwords, known as privileged accounts on ordinary spreadsheets. These password spreadsheets are widely shared (sometimes on a public share within a company), with no knowledge or tracking of who has had access to the information.

The requirement to control and audit access to privileged accounts is a fundamental requirement of virtually every regulatory mandate that controls the security of IT systems. A further requirement is regularly changing privileged account passwords on the systems that use them, especially after the password has been disclosed.

The ideal scenario is the total destruction of all spreadsheets (no shared information) and the total automated management of privileged accounts everywhere they exist in the enterprise. Many highly regulated government and commercial companies have removed all spreadsheets and have converted to a fully automated solution such as our Enterprise Random Password Manager (ERPM) product.

The complete automation of privileged account management is an ideal scenario (no more spreadsheets, paperwork, audit issues, scalability problems, great security, easy compliance, etc). The majority of IT departments are currently not ready nor can they afford a totally automated solution.

To solve the common case of most organizations looking for something better and more manageable (as well as to make their auditors happier), we present Lieberman Software's Password Spreadsheet Manager (PSM).

PSM allows a company to quickly transfer all of their spreadsheets via a web portal into an encrypted, secure and audited enterprise quality on-line password safe.

Once the password spreadsheets are imported (this usually takes minutes to accomplish), the IT administrator can apply rules for access to the data as well as take advantage of extensive auditing mechanisms built into the product.

When a user or IT administrator needs to retrieve a specific account password previously stored on a spreadsheet, they log into the web portal, select the spreadsheet of interest, pick the account they want to retrieve and in a few seconds the password for that account is displayed.

The benefit of bringing password out of products like typical office productivities spread sheets and into this solution are deal with the extensive integrations with popular directories such as Microsoft Active Directory and cross platform LDAP directories. Multiple multi-factor solutions are provided including free unlimited soft token support. Workflow approval is provided to assure owners control access to their resources. Auditing is provided within the product to allow auditors to directly prove that controls exist and work.

PSM uses military level AES encryption as well as providing support for a FIPS 140-2 software encryption module as well as support higher levels of FIPS 140-2 compliance with free support for Hardware Security Modules (HSMs) that support PKCS#11.

PSM may also connect to existing loggers and SIEM systems. Trouble ticket integration is included for popular trouble ticket systems such as BMC Remedy, HP Service Manager, and Microsoft System Center Service Manager. Other trouble ticket systems are also supported with our rich XML feed interface (see Alerting and Integration Using Event Sinks).