info@mastersam.com  

MasterSAM Star Gate

“My operation team is much more productive now, my security team has better visibility & control, and my auditors are happy. MasterSAM Star Gate is truly a solution that helps to address and balance the needs & gaps between operation and compliance.”
- Chief Information Security Officer, Financial Services Industry

Enquire Now

MasterSAM Star Gate

Managing cybersecurity has become the most challenging ever mission in today's fast-growing security landscape. Undeniably, insider threat has been growing tremendously looking at day-to-day reported data breaches around the world. It's a trend and it will continue to grow rapidly. Privilege is the main key to IT infrastructure. As such, managing privileged access has become a priority milestone to achieve in the most organization’s cybersecurity blueprint. User endpoints like desktop or laptop are always the main interest point among attackers, allows them to penetrate into the entire corporate network. A security layer is required to isolate the network between users and servers, eliminating the direct access through user endpoints to greatly reduce the risk of attack surface.

MasterSAM Star Gate is designed to manage, secure and monitor privileged credential and access across the enterprise IT environment – either it’s on-premise data centre, on the cloud or hybrid infrastructure. This agent-less architecture enables organization to meet the compliance needs in a quick deployment model, supports wide coverage to systems/devices such as operating system, database, hypervisor, application, network and security devices. It offers built-in High Availability and Offline Secured Retrieval options to help organizations mitigating the risk of system access downtime, and ensure business impacts are minimized.









Automated Password Management
  • Secured vault to store and manage privileged credentials according to complexity policy & flexible reset mechanism – automatically after use, manual or scheduled
  • Split password protection to ensure none can get to know the entire password during the password release cycle, satisfying the 4-eyes principle rule
  • Password verification & reconciliation to ensure managed passwords are always in-sync
  • Broad system support to to enterprise systems including server, database, application, security & network devices, and more…
Smart Surveillance Engine
  • Real time recording with screen capture technology for each privileged access activities in proprietary format
  • Smart mechanism to record based on user interactive activities, colour/grayscale recording
  • Tamper proof and real time transfer of recorded data to centralised log repository
Multi factor authentication
  • Provide extra layer of security authentication for each privileged access
  • Support multiple factor authentication such as AD, LDAP, RADIUS, username/password, SMS token, SMTP email token, built-in mobile apps token, integration with enterprise 2FA
Single sign-on & auto login
  • Centralised access point for administrators to connect to managed systems
  • ONE ID to remember
  • Eliminate password exposure to users by establishing auto login connection to the systems
  • Broad system support protocols – SSH, RDP, Telnet, VNC, HTTP(S), software clients such as vSphere, SQL Management Studio, iSeries Navigator, X11, Toad for Oracle, HP Tandem, and more…
  • Seamless user experience – allow connectivity via native clients such as PuTTY, MSTSC, WinSCP, Tectia SSH
Access control & workflow
  • Enforce entitlement access policy for who can access what system and account
  • Comprehensive & customizable workflow – supports multiple level approval, either sequential or parallel
  • Support emergency request to ensure operation continuity after working hours, weekend or emergency situation
  • Satisfy least privilege principle and ensure no privilege access is allowed until granted with proper approval and authorization
Application to Application control
  • Provide secured API for real time password retrieval by authorized script/application
  • Eliminate hard-coded password in script/program
  • Rotate password without affecting service or application
Command restriction
  • Support whitelist and blacklist rules
  • Restrict and filter commands during execution
Compliance fulfilment
  • Help organization to comply to industry regulations such as PCI-DSS, ISO 27001/27002, MAS-TRM, HIPAA, SOX404, APRA, COBIT, BNM-GPIS