PAM solution - One Identity Safeguard

Privileged Account Management with One Identity Safeguard


One Identity Safeguard is securely storing, managing, recording and analyzing privileged access. Available as a hardened or virtual appliance with an intuitive interface, Safeguard can detect and halt unknown threats while satisfying your auditors and admins. It is an integrated solution that combines a secure password safe and a session management and monitoring solution with threat detection and analytics. 


  • Policy-based release control: Using a secure web browser with support for mobile devices, you can request access and provide approval for privileged passwords and sessions. Requests can be approved automatically or require dual/multiple approvals based on your organization’s policy.

  • Full-session audit, recording and replay: all session activity – down to the keystroke, mouse movement, and windows viewed – is captured, indexed, and stored in tamper-proof audit trails that can be viewed like a video and searched like a database. Security teams can search for specific events across sessions and play the recording starting from the exact location the search criteria occurred. Audit trails are encrypted, time-stamped and cryptographically signed for forensics and compliance purposes.

  • Change control: Supports configurable, granular change control of shared credentials, including time-and last-use-based, and manual or forced change.

  • User behavioral biometrics: the algorithms built into Safeguard for Privileged Analytics inspect users behavioral characteristics captured by Safeguard for Privileged Sessions. Keystroke dynamics and mouse movement analysis not only help you identify breaches, but also serve as a continuous, biometric authentication.

  • Discovery: Quickly discover privileged accounts or systems on your network with host-, directory- and network-discovery options.


  1. One Identity Safeguard for Privileged Passwords automates, controls and secures the process of granting privileged credentials with role-based access management and automated workflows. The solution enables you to manage passwords from anywhere and using nearly any device. The result is a solution that secures your enterprise and gives your privileged users a new level of freedom and functionality.
  2. With One Identity Safeguard for Privileged Sessions, you can control, monitor and record privileged sessions of administrators, remote vendors and other high-risk users. Content of the recorded sessions is indexed to make searching for events and automatic reporting simple so you can easily meet your auditing and compliance requirements.
  3. With One Identity Safeguard for Privileged Analytics, you can know who your high-risk privileged users are, monitor questionable behaviors and uncover previously unknown threats from inside and outside of your organization. By using user behavior analytics technology, Safeguard for Privileged Analytics detects anomalies and ranks them based on risk so you can prioritize and take appropriate action -- and ultimately prevent data breaches.