November 01, 2008
£269 for 10 users
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Password management for privileged accounts using role-based administration and shared secrets
- Weaknesses: Lacks flexibility with network devices
- Verdict: A good product for smaller environments with solid administration capabilities
Thycotic's Secret Server integrates into the existing environment to manage and control access to critical privileged passwords using a central web- based repository. With this product administrators can assign permission and role-based security to others throughout the organisation using controlled shared secret passwords. Roles are used to allow changing of passwords or those who can just view passwords.
We found this product to be fairly easy to install but it was a lengthy process in terms of preparation. The Secret Server application installs with integration into a SQL database and IIS web server. It does not create its own databases so there are several preparation steps to be completed before installation can even begin.
Once installed the system is quite simple and intuitive to use. The web-based GUI is easy to navigate and adding users and accounts from Active Directory is quite simple. Policy and secret configuration was awkward at first but became easier as we worked with the product.
From a performance standpoint this is a fairly good product. We found some very useful functionality such as automatically updating passwords on remote accounts when they expire. Passwords are also centrally stored using AES 256-bit encryption for added security. This product can directly integrate with many platforms including Microsoft Windows, Active Directory, SQL Server and UNIX accounts.
An installation guide and user guide are provided with the software in PDF format. Both guides offer a great amount of detail on installation and configuration including simple instructions and screenshots.
Thycotic offers support licenses for all user licensing packages. These include all minor updates and major releases. Users with support also receive immediate response to their technical issues from technical support staff via email, phone and remote assistance. There is also a customer forum available on the website.
At a price starting at just under £269 for 10 users, this product can become expensive quite quickly for larger environments.
While it does have an interesting take on privileged password management, we find this product to be average value for money.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report