Password Manager Pro 9.7 (build 9700) has been released and is now available to download. This release introduces strong controls in Password Manager Pro for protecting personal data stored and processed in the product, in compliance with privacy regulations. The list of new features/enhancements include:

 

• Additional protection in web GUI while displaying personal data
  

Form fields that contain personal data such as Username, DNS Name, Email ID, Server Name and more will henceforth be masked at all times to enhance protection. Additionally, when a specific user unmasks and views any of the masked data fields, the action captured in the audit trails with a timestamp and the IP address of the machine from which the user viewed the data. 

 

• Canned report to demonstrate GDPR compliance stature
  

Password Manager Pro now comes with a canned report that tells you the stature of your compliance with specific requirements listed in Chapter 3 of the General Data Protection Regulation (GDPR), in terms of how users' personal data is handled within the product. This report, apart from providing a holistic view of how personal data is handled, will also prove useful while preparing for privacy audits.

 

• Password protected exports 
  

Administrators can now include an additional layer of password protection for export operations across Password Manager Pro. This applies to,

1. Resource and resource group exports (XLS file)

2. Audit exports (PDF and CSV files)

3. Report exports (XLS and PDF files)

The authorized administrator can either set a global passphrase which will be uniformly used for the aforementioned export operations or allow the users to define their own passphrase for their exported files. 

 

• Support for Encryption at Rest (EAR) while using MS SQL server as the backend database
  

For Password Manager Pro installations that function with a MS SQL server as the backend database, Transparent Data Encryption (TDE) is supported henceforth to achieve EAR. TDE encrypts all the data and log files stored in the SQL server and the key used to encrypt the database is also secured further with a certificate to enhance protection.

 

• Backup file encryption
  

Database backup (.zip) files in Password Manager Pro—both on-demand and scheduled, will hereafter be encrypted with the Password Manager Pro master encryption key and stored in the destination directory securely. In case of Password Manager Pro installation running a remote MS SQL server database, the backup file will be encrypted only if the specified backup destination is within the server in which Password Manager Pro is installed and not the remote machine.  

 

• Privacy controls for canned reports
  

Password Manager Pro now allows authorized administrators to configure privacy settings for canned reports. Administrators can choose from an exhaustive list of personal data, deciding whether each input in the list should be completely omitted from the reports or included as masked information.

 

• IP restrictions
  

IP-based restrictions are now supported to limit inbound connections and minimize unwanted traffic to Password Manager Pro server. Restrictions can be configured for web access, API calls, communication from native mobile applications, browser extensions, and Password Manager Pro agents deployed on target machines. The IP restrictions can be set at various levels and combinations, such as defined IP ranges or individual IP addresses. The authorized administrator can either whitelist or blacklist the set of desired IP addresses. 

 

• Trash can for delete operations
  

Users and resources in Password Manager Pro can now also be moved to trash alternatively instead of permanent deletion, along with the option to restore from trash when needed. The trashed users and resources will be retained by Password Manager Pro only until the next rotation schedule is carried out for the master encryption key.

 

• Purging selective session recordings
  

Earlier, session recordings and chat logs could only be purged in bulk by configuring to delete recordings that are older than a specified number of days. From v9700 onwards, session recordings can also be individually selected under Audit >> Recorded Sessions and purged. Additionally, chat logs for a specific session recording can also be deleted while retaining the recording itself and vice versa.

 

• Managing email addresses in Password Manager Pro
  

A new provision has been added to enable administrators to track and remove email addresses in Password Manager Pro which do not belong to any of the users in the application. This provision currently supports identifying and removing email addresses which are captured in "User Sessions" audit as well as those that are configured as notification email recipients for scheduled tasks' completion statuses and license expiry alerts.

 

• Emergency Measures 
  

In the rare scenario that a suspicious activity is sensed within Password Manager Pro but has not yet been identified, a set of recommended best practices that can be carried out have been added under Admin >> Manage >> Emergency Measures. The illustrative list of incident response actions give the administrator a head start on stopping all inward and outward communication to and from Password Manager Pro server respectively, such as stopping API calls, blocking agent communication, and stopping the SSHD server. 

 

In addition to the above, you can take a look at our Release Notes to learn more about other enhancements and minor bug fixes included in this upgrade pack (build 9700). 

 

How to Upgrade to Build 9700? 

 

Thanks,

Praveen

- - - - - - - - - - - - - - - - - - - -

Toll Free: +1 888 720 9500

Email: passwordmanagerpro-support@manageengine.com

Password Manager Pro - Enterprise Privileged Identity Management Solution