Share your experience using TSFactory RecordTS

We use this solution for privileged systems access with a high emphasis on security. End users are required to go through a process of being vetted in our NERC environment in order to use the solution. This product has been used by my company for about five years now.

This product has placed a new culture in my company by making employees more aware of IT compliance and cyber security. It has also placed us in a position to meet NERC CIP v6 requirements.

The Password Upload Utility tool makes it easier when setting up a Safe that contains multiple accounts and has cut down the amount of time that it takes to complete the task.

Using the PSMP (Privileged Session Manager Proxy) makes it extremely convenient for UNIX Administrators to utilize their favorite SSH client software (i.e. SecureCRT or Putty) to connect to a privileged target without having to go through the PVWA web login.

I would like to see the product enhancement with the Secure Connect feature. Today, there is no functionality to create "Accounts" using Secure Connect to permanently store a user's working tab. It is a tedious manual process of entering host IP information and user credentials into a privileged target system.

Currently, in Secure Connect, an end user is required to enter account information manually, and cannot save any of this information for future use. It’s a manual process of entering information all the time. Unless you are working with accounts already stored in “Safes”.

I have been using this solution for seven years.

We have noticed some stability issues with the PSM Servers. We've noticed that there may be a limitation on the number of users that a PSM Server can handle. We have two PSM Servers deployed in our Production environment and have come to a conclusion that we may need to add two more to stabilize the environment.

Upgrading to version 9.9 significantly reduced the stability issues with the PSM Servers and the limitation on the number of users that the PSM can handle.

CyberArk could use some improvement in their level of customer service. Sometimes, it can take more than a day before a Case that I have submitted online gets a response from tech support.

The level of technical support has been great. The challenge has been to get an initial response and sometimes follow-up from CyberArk Support.

If you are going to set up CyberArk for the first time, I highly recommend that you utilize their Professional Services. They are extremely knowledgeable and very helpful and will ensure that your implementation is a success.

We use Texas DIR when evaluation and making purchases of products.

We are currently on version 9.10. We would like to upgrade to the latest version some time this year. There is currently a CyberArk Security Bulleting CA19-09 that addresses potential administrative manipulations within the PVWA and the Digital Vault. CyberArk has released patch 9.10.4 to address the PVWA and they are working on releasing a patch for the Vault Server.

Some use cases with AWS CloudTrail include monitoring services running within your AWS environment, ensuring they function as expected. With AWS CloudTrail enabled, you can track who is logging in and out, access logs, and perform accounting and auditing of services and networks to monitor user activity and access to information.

In one specific scenario, we encountered a situation where a terminated employee still had access to our environment without our knowledge. With AWS CloudTrail, we could track and monitor the employees' activities, revealing that they were downloading specific files from our customer's environment. Without it enabled, we wouldn't have been aware of this.

We can use it to trigger Lambda functions for authorization and terminate unauthorized access. Integrating it with Amazon Simple Notification Service also allows us to receive alerts when specific metrics are reached, helping us take prompt action when needed.

For example, if a server exceeds its limit, we get notifications. This helps us act fast, like adding more servers or adjusting resources. Also, if someone unauthorized tries to access it, we get alerts. For example, we know immediately if a terminated employee tries to get in.

Once the organization defines its policies, it must immediately enable AWS CloudTrail and integrate it with auto-remediation procedures using Lambda functions. This ensures that the main administrator can receive information quickly and on time without delay. 

I have been working with the product for ten years.

Except AWS is down, and then you have the tool going on. AWS guarantees it. In the past three years, AWS has gone down about twice. So once it goes down, we don't have that service available to monitor any infrastructure in that region.

On a scale of one to ten, I would rate the tool's scalability a ten. Since it is an AWS product, it automatically scales based on the volume of logs flowing into the environment. It operates under a serverless management model on the AWS side

I would rate AWS customer service at around eighty percent. However, this rating varies depending on whether you have the enterprise support package. Without it, you're around fifty percent, but you're at eighty percent with the enterprise support package, which requires an additional cost.

The tool's initial setup is not complex. It depends on the tools you are using. The process is straightforward whether you are using CDK, the portal, or the command-line interface.

AWS CloudTrail is free.

I highly recommend enabling CloudTrail because it keeps an eye on your environment when you're not looking. There's no case where I would say customers should not enable it because it's not something that you're paying for upfront. If it does activate, you might have to pay for things like Lambda functions, but it's worth it. This is especially important now with so many potential security risks. AWS locks logs for 90 days, but now you have them available indefinitely. However, keep in mind that storing these logs can incur costs.

I rate the overall product a nine out of ten.