Secret Access and Workflow Templates
Introduction
Secret Server offers robust secret access and workflow features to enhance security and streamline the management of sensitive information. Secret Server allows administrators to configure access requests, requiring approval before users can access specific secrets. This can be set up to include multi-level and multi-user approval processes, ensuring that access is granted only after thorough validation.
Additionally, Secret Server supports advanced workflows that can be customized to fit organizational policies, including features like timeouts and branching workflows to prevent bottlenecks. The system also integrates with ticketing systems such as ServiceNow and BMC, ensuring that access requests are tied to valid change or incident numbers. These workflows are fully audited, providing a comprehensive trail of all access requests, approvals, and denials, which is crucial for compliance and security.
Simple Access Requests Versus Workflow Templates
In Secret Server, simple access requests and workflow templates serve different purposes for managing access to secrets:
Simple Access Requests
- Single Approval: Simple access requests involve a straightforward process where a single reviewer can approve or deny the request. Once approved, the user gains access to the secret.
- Flexibility: These requests can be approved after being denied or denied after being approved, allowing for changes in decision.
- Basic Functionality: This is the basic form of access control available in older versions of Secret Server, providing a one-step approval process.
Workflow Templates
- Multi-Level Approval: Workflow templates allow for more complex interactions, requiring multiple levels of approval. You can define up to 15 approval steps, where each step can have different reviewers and a specified number of required approvers.
- Structured Process: Once a workflow access request is approved, denied, or canceled, its status cannot be changed, ensuring a structured and auditable process.
- Advanced Features: Workflows can include features like timeouts, branching workflows, and integration with ticketing systems like ServiceNow or BMC for additional validation and compliance.
- Customization: Administrators can customize workflows to fit organizational policies, enhancing security and streamlining management of sensitive information.
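The contrast between the two modes, as a small Python model added here for illustration. It is not Secret Server code or its API; the class names, the rule that a single denial ends a workflow, and the rule that only the requester can cancel are assumptions.

```python
from dataclasses import dataclass, field

MAX_STEPS = 15                                   # page: up to 15 approval steps
FINAL = {"approved", "denied", "canceled"}       # workflow statuses that are immutable

@dataclass
class Step:
    reviewers: frozenset                         # users allowed to act on this step
    required: int                                # approvals needed to pass the step
    approvals: set = field(default_factory=set)

class SimpleRequest:
    """One reviewer decides; the decision may be reversed later."""
    def __init__(self):
        self.status, self.audit = "pending", []
    def decide(self, reviewer, decision):        # 'approved' | 'denied'
        self.audit.append((reviewer, decision))
        self.status = decision

class WorkflowRequest:
    """Multi-step approval; once final, the status can never change."""
    def __init__(self, requester, steps):
        if not 1 <= len(steps) <= MAX_STEPS:
            raise ValueError("a workflow has 1 to 15 steps")
        if any(not 1 <= s.required <= len(s.reviewers) for s in steps):
            raise ValueError("required approvers must fit the reviewer list")
        self.requester, self.steps, self.current = requester, steps, 0
        self.status, self.audit = "pending", []
    def decide(self, user, decision):            # 'approved' | 'denied' | 'canceled'
        if self.status in FINAL:                 # refused attempts are audited too
            self.audit.append((user, decision, "refused: request is final"))
            raise PermissionError(f"request already {self.status}")
        if decision not in FINAL:
            raise ValueError("unknown decision")
        step = self.steps[self.current]
        # Assumption: only the requester cancels; reviewers approve or deny.
        allowed = {self.requester} if decision == "canceled" else step.reviewers
        if user not in allowed:
            self.audit.append((user, decision, "refused: not permitted"))
            raise PermissionError("user may not act on this step")
        self.audit.append((user, decision, f"step {self.current + 1}"))
        if decision != "approved":               # assumption: one denial ends it
            self.status = decision
        else:
            step.approvals.add(user)             # a set: each reviewer counts once
            if len(step.approvals) >= step.required:
                self.current += 1
                if self.current == len(self.steps):
                    self.status = "approved"
        return self.status
```
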
For more information, see the following resources: