Pleasant Solutions Pleasant Password Server
March 01, 2016
£35/£227 (five users, standard/enterprise).
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Sharable password vault with solid control and access policy built in.
- Weaknesses: Limited functionality as a privileged account manager.
- Verdict: Somewhat specialised functionality but very good at what it does.
The Pleasant Password Server from Pleasant Solutions provides a secure password vault and privileged account password management that leverages KeePass technology to expand web-based sign-on functionality to the enterprise. This product allows for features and functions of traditional cloud-based password safes to be incorporated directly into the enterprise locally so passwords and policy can be controlled locally using Active Directory or LDAP accounts and users or groups.
From the server side, installation is quick and easy. The tool is software-based and can be installed on any Windows Server in the environment. As part of the init iation, IIS Express and SQLite are loaded by the installer by default. This should work for most environments, but settings can be changed to support a full SQL Server database as well if needed. Once the server component is installed, all configuration and management is done through a well-organised, web-based management interface. The interface has an intuitive design, which makes navigation quick and easy. Users, roles, access policy and systems can all be quickly configured and pushed out to clients for access. Users simply access their vault through a client application or web interface. The client includes a few more functions and is available for Windows, Mac OSX, iOS, Android and Windows Phone. Once inside the client, users can access specific credentials based on the policy assigned to them.
This product allows for a flexible amount of control via configuration policy that is centrally managed within the server and pushed out to clients. Policy can be defined to lock passwords down - from being viewed entirely to being viewed in clear text - and copied and pasted into fields. Roles can also be defined similarly and users can have roles that allow them to have full access to a credential all the way down to only being able to grant access to it based on a request, while never seeing the password. All client activity is monitored and logged in a central log repository for full auditability of credential access.
Documentation is provided as an online wiki type document. We found this to be well-organised and easy to follow. Sections are clearly marked and contain many screen shots, configuration examples and easy to follow instructions on configuring, managing and using the tool. The web integration also allowed for the first page to contain some very useful links to tutorials and an FAQ.
Pleasant Solutions offers the first year of support as part of the purchase price of the product. This support includes 8/7 phone- and email-based technical assistance, as well as access to product updates and upgrades. Customers can also access a support area on the website that includes a knowledge base and product documentation. After the first year, customers can purchase aid as part of an annual maintenance package.
Starting at £35 for five users for the standard version or £227 for the expanded enterprise version, we find this solution to be a reasonable value for the money. The Pleasant Password Server provides a way to centralise and control a central password vault with some added features, such as access policy, that are not available in traditional vaults.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- ICYMI: CEO Sacked; MS Zero-day; Passwords dropped; Ransomware wild, charging hack
- 9.2 million medical records for sale on darkweb
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry