Security Inside Out Edition
Oracle Corp
September 2012 Stay Connected: Database Security on Twitter Database Security on Facebook Security Inside Out Blog   IDM on Twitter IDM on Facebook Identity Management Blog
Back to the main page
Oracle Unveils Privileged Account Manager

In July 2012, Oracle launched Privileged Account Manager, which provides advanced administrative and provisioning capabilities to increase security of high-risk accounts while at the same time streamlining password management.

It is not unusual for enterprise data centers to have hundreds of shared privileged accounts such as Linux/UNIX “root” accounts or database “sys” accounts. This increases access to highly sensitive information, and at the same time, makes it more difficult to audit access and trace activity to individuals.

“Lack of accountability inevitably creates serious security vulnerabilities and can cost a company not just money but also its brand. Sharing privileged account credentials also makes managing passwords very time consuming and expensive,” says Amit Jasuja, senior vice president of development, Security and Identity Management at Oracle.

In response, Privileged Account Manager—part of Oracle Identity Governance and integrated into Oracle Identity Management 11g Release 2—combines advanced policy-based and automated password management capabilities with comprehensive auditing and reporting features.

When accessing a target system via a privileged account, the user must authenticate to Privileged Account Manager in order to retrieve (i.e. check-out) the proper credential. This credential-based access then becomes auditable, and the usage it grants can be limited to a predefined time period.

Key features of Privileged Account Manager include
  • Policy-based password check-out/check-in. A Web-based user interface allows administrators to request access to administrative accounts, eliminating the manual logging and tracking of passwords.
  • Integration with Oracle Identity Manager 11g. Streamline password management by enabling Privileged Account Manager to use the same workflow approvals for account requests and automatically provision access with the same connectors.
  • Automatic password change. With Oracle Identity Manager 11g connectors available for UNIX/Linux, database, and LDAP systems, Privileged Account Manager supports virtually any application, improving security and reducing the risk of fraud by automatically changing passwords after administrator check-ins.
  • Comprehensive auditing and reporting. Tight integration with Oracle Identity Manager 11g and Oracle Identity Analytics 11g provides a common approach and simplifies compliance reporting.
Privileged Account Manager relies on a unique platform approach to reduce the total cost of ownership while enabling organizations to scale shared account management to thousands of users across multiple systems. With Privileged Account Manager, organizations can now strengthen governance, establish accountability, and gain greater insight and control over enterprise risk.

Download the Privileged Account Manager data sheet.

Find out more about Oracle Identity Governance solutions.

Watch the ISACA Webcast: A Platform Approach to Privileged Account Management.

Back to Top
Oracle Information InDepth newsletters bring targeted news, articles, customer stories, and special offers to business people who want to find out how to streamline enterprise information management, measure results, improve business processes, and communicate a single truth to their constituents.

Please send questions or comments to

For answers to questions about subscribing, unsubscribing, and managing your Oracle e-mail communications preferences, please see the Oracle E-Mail Communications page.

Copyright © 2012, Oracle Corporation and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

This document is provided for information purposes only, and the contents hereof are subject to change without notice. This document is not warranted to be error-free, nor is it subject to any other warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or fitness for a particular purpose. We specifically disclaim any liability with respect to this document, and no contractual obligations are formed either directly or indirectly by this document. This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission.