StoredSafe

Service Provider Compliance and Value Added Services

Business Needs

A Software as a Service (SaaS) organization provides services to the healthcare, financial and other industries with many regulatory requirements and high security awareness. The organization has regular on-site customer audits and is in the process to provide a SSAE 16 SOC 2 report. The organization has been required by customers to improve its storage of passwords and encryption keys as well as implement two factor authentication for all privileged user accounts.

Passwords are stored in a password application that provides encryption of the data but lacks full audit trails and a two factor authentication. Encryption keys are stored in many different documents with different security controls. Privileged users require a user id and a strong password for authentication. The organization maintains approximately 400 shared/generic/service accounts and 200 encryption keys. The number of privileged users are 25.

Solution

The organization implemented the following solutions to address the business needs:

  • Two Factor Authentication StoredSafe: Integrated with the current authentication solution for remote access and internal use.
  • Password StoredSafe: Storage of passwords and encryption keys

The implementation included 25 users and was implemented within less than 30 days.

The organization also planned to use StoredSafe products for added services to new and existing customers.

Key Benefits

  • Easily integrated and deployed into the current IT infrastructure
  • Regulatory compliance
  • Improved image on the market as a highly secured service provider
  • Easy to provide auditable information (password policies, access reports, logs, etc)
  • Reduced efforts to change of passwords when key employees leave the organization
  • Quick implementation time
  • Highly secure solution
  • Low investment and maintenance
  • Scalable to several thousand users.

Cost per Month (25 users)

Assurance level Password & 2FA StoredSafe (25 users) Per month
AAA+ Redundant appliance, HSM included. Can be on-prem or hosted service. $520
AAA Single appliance, HSM included. Can be on-prem or hosted service. $420
AA Not currently available as a service. N/A
A Single Virtual appliance, SoftHSM. On-prem only. $199

Additional users is $4 per user and month, up to 500 users.

Additional users

Number of users Per user & month
1 to 499 users in total $4
500 to 999 users in total $3
1000 users or more $2

Business Cases

PCI DSS – Easy Implementation of Remote Access 2FA in Complex IT infrastructure.
Organization with High Business Security Requirements
Highly Confidential Information – Outsourced IT
Scalable Two Factor Authentication (2FA)
Critical Information for Disaster Recovery