Products

• Overview
• Xsuite
• Administrator Access Control Module
• Admin Password Management Module
• Application Password Management Module
• Certifications

Application Password Management Module

A2A Authority™ Application Password Management provides policy-driven controls that enable the secure storage, management and use of application passwords and credentials. The A2A Authority module runs on the Xsuite platrform. 

Application Password Management Benefits:

• Enhances security by eliminating hard-coded, hard-to-change passwords from applications and scripts
• Automates management of application passwords
• Vaults and protects sensitive application passwords in storage, in transit and in use
• Rapid deployment and integration with application and system infrastructure
• Detailed password audits and activity reporting
• Increases up-time and operational efficiency by eliminating time-consuming and error-prone manual processes
• Simplifies audits and proves compliance with regulatory initiatives like PCI DSS, FISMA, NERC CIP, HIPAA and more
• Easy to install, configure and manage over time; low total cost of ownership

A2A Authority™ Application Password Management Features:

Centralized storage of application passwords

• Central management, storage, release and audit of application passwords improves security, reduces operating costs and helps maintain business continuity
• Comprehensive controls, protection of sensitive information, and monitoring and reporting capabilities aid in achieving—and proving—compliance with regulatory requirements

Authentication and authorization of scripts and applications

• Runtime authentication of scripts and applications is achieved by inspection of multiple application attributes, including keys, file and machine fingerprints, storage and execution paths, and more, ensuring that only legitimate, authorized applications gain access to credentials
• Application authorization mappings provide maximum flexibility when defining policies

Application-to-application account password protection

• Critical account passwords are protected using managed keys that are generated, stored and used only by software techniques or FIPS 140-2-validated hardware security modules
• A2A Authority is resilient to tampering and reverse-engineering attacks
• Session-level protection between the administrator’s browser and the server is secured using SSL/TLS session protocols
• Message-level protection is achieved with unique managed keys per requesting server
• Secure local caching provides additional protection and adds support for high performance and local availability

Scalability and high availability

• Proven to meet the needs of the largest organizations, A2A Authority scales to manage millions of application passwords across multi-site, heterogeneous IT environments
• A2A Authority supports fault tolerance, high availability and disaster-recovery capabilities

Reporting and auditing

• All activity is logged to provide a detailed record of application password use and administrative activity
• Integration with third-party aggregation, monitoring and notification tools to help detect and prevent fraud, data breaches and misuse of enterprise data

Patented white-box cryptography

• A2A Authority is the only solution that employs patented white-box cryptographic techniques to ensure defense-in-depth for end-to-end security of data and keys
• Only A2A Authority provides management of application passwords in storage, during transmission and in use.