Skip to content

Data Access Controls

Clear ownership of accounts

The person who adds an account to the vault is designated as the default owner. If an owner leaves the organization, all passwords owned by the user can be transferred to a different user. This way none of the accounts stored in Securden is orphaned. Risks associated with orphaned accounts such as stale passwords and privilege creeps can be averted.

Streamlined access provisioning via folder structure

Securden allows users and administrators to group similar accounts into folders. These entities can be shared with other users and user groups with granular access privileges. For example, if there is a group of Windows administrators in your organization, you can create a user group in Securden for them and share the folder containing all the corresponding accounts in it. When a new Windows administrator is onboarded into the organization, they will automatically gain access to the accounts. This way a folder works as a micro vault for a group of users requiring access to the same resources.

Just-in-time access and approval workflow

Granular access sharing ensures that users receive only the necessary level of control over a credential, limiting their access solely to the accounts they own and those that are shared to them by others. They are unable to access any other accounts or credentials present in the vault.

You can establish an additional layer of security for sensitive accounts by enforcing your users to go through approval workflows. Securden achieves this through the just-in-time access provisioning workflow. Whenever the passwords of such accounts need to be accessed, users will have to raise a request and select administrators or account managers, who are designated as Approvers. The approver will grant time-limited access to the particular system for the particular user. At the end of the stipulated time period, the password will be automatically reset.

Design Highlights

  • Just-in-time access requests and approval workflow
  • Transfer ownership
  • Categorizing into folders for efficient organization