Wipro Technologies Password Vault beats the traditional model of accessing customer premise equipment- It gives one time access to a sick system for which an incident ticket has been generated by creating an on demand connection. Once the device is functioning normally, the ticket is closed and with it on-demand session.
In the traditional remote IT services model, servers or network devices are accessed by providing the user name and password of a target system. Once the engineer has the the logon prompt- it compromises security without any positive outcome.
Wipro technologies have introduced a new system “Password Vault”, which eliminates the need of the engineer to key in a password while accessing a device, be it a switch or router a server – any of which happens to be malfunctioning or whose performance has deteriorated. Password is mapped to skill levels and ensuring that passwords are safe only those sick devices are accessed.
Now why is this important ?
Well lets take an example: Suppose an employee working for a remote IT infrastructure company on his last day in the organization decides to take out a grudge against the company itself. He can still log in with its username and password to steal information and sells it to the customer’s competitors. Situation can be even more damaging.
So what is Password Vault ?
Password Vault not only acts as a repository of user id but its a whole mechanism working on the background for securing the whole infrastructure. There are three key components of password vault:
- The Incident Token or token
- The Sick device or application.
- Password Vault Itself.
An incident token is generated by the incident ticket system for sick system using public key cryptographic algorithms.
Working of a password Vault :
The remote center has a perpetual connection (WAN) that connects to the customer premise equipment. Tasks are executed in an asynchronous mode without giving the engineer, a direct connection to the target device. The engineer with an incident token, keys in the parameter for a particular task in a web form and gets the result of the command under execution. Moreover, the access to the device is granted only to the engineer who has been assigned a ticket and only to the specific device and not the entire network. Once the task is executed, and the ticket is closed, ITO revokes or takes back the connection to the device (on demand network).
Hence here we see that access is one time, moreover there is no traditional login password concept. Only if he has the ticket he gets the access. Take a look at the image below to have a clear idea.
Once Password Vault is incorporated in all the IT Infrastructure, it will easy to manage security to a large extent. The main aim is to make remote structure more secure, deliver robust and scalable so that SLA’s could be managed without compromising the customer’s trade secret.