It is very important that Privileged Remote Access does not require a VPN. We don't have access to a lot of people's networks. We have a lot of external customers and BeyondTrust allows us to access our stuff on their premises without having to set up 20 VPNs or having different WeVPNs per customer. So, it simplifies the process of onboarding a new customer.

As a whole, Privileged Remote Access is very secure. We have never had a customer deny us having access to it. That is a huge plus for us as it is basically an industry standard at this point. The solution is very highly regarded by anyone and everyone who uses it. That is why we use them.

Since we use it mainly for support, our support team is able to do so much more without having to actively engage our customers. This saves us time and money, helping our customer get back up. Normally, when they are engaging with us, it is a support issue. Therefore, the faster that we can alleviate that support issue, the better it is for our customers. Also, the better it looks for us.

It helps us maintain connections to outside stuff without having to compromise our internal networks when accessing external clients.

It is very important to us that PRA stands on its own as a full solution because of the nature of some of our clients. We can't have too much coupled into our internal stuff versus the stuff that we use to interact with our clients. We use this solution because it is a standalone product that is highly regarded in our industry.

It certainly has made secure access something that is embraced rather than fought. People are willing to use the tool. That probably is the most significant thing about the product. It's easy, they like it, and it keeps us secure. Within three months, we started to realize the benefit of the product.

It provides us the ability to get an end-user back up and running and keep them running efficiently. We can fix something usually within hours, instead of a half a day to three days. They don't have to pack their stuff up, come into the office, and hand it to us to work on it. We're able to truly just sit there with them and help them get their issues resolved. It keeps our business moving.

It saves time. Without it, the RPA team would need all of those desktops in a physical format sitting in their office, and they would have to be on them 100%. Their time savings alone probably is man-days. They are not just saving hours per week. For the RPA team, I can't even begin to give the time and the amount of work this product saves. For the help desk and the rest of the tier-two support, it probably saves 2 hours a day for each member. There are roughly 10 of us, which is 20 hours a day of time savings of workload.

It is important for us that it does not require a VPN. Now that half of our people are remote, our data lives on OneDrive or Microsoft SharePoint. They don't need to be remoted into us through a VPN to be able to get everything. When we remote in, it is nice to not have to worry about whether they are on a VPN because for any number of reasons, they might not be able to get into the VPN, such as our VPN is down or the Dallas office is messing up. So, this flexibility gives us more options, and we like that.

Its security is very tight. I'm the one who manages who can use the software to remote into other machines. In my opinion, it is more powerful than what we need, and I am glad that it is because it gives me room to grow our teams to allow them to do more if they need to or restrict some to only do certain things if they don't need as many privileges whenever they go in.

It is available in multiple formats: as a physical and virtual appliance, or as SaaS. It is very important to have it accessible in multiple ways, whether it be on-prem or SaaS. It allows me to know that if my solution goes down, in a short period of time, I can get somebody to help me get something back up and running.

PRA only works in our Windows environment. It has helped us with not being able to see the password for our security reasons, but only in a subset of our environment. We only use it for password injection. We wanted it for all platforms, but it doesn't work. So, it is only used in our Windows environment.

It met a NIS control in which we needed to not have passwords visible to users because of malicious activity that happened to our company. That is the only positive effect that it has had so far. We have been able to go to the Windows platform and inject the passwords without people viewing passwords. It is not helping us with our Linux or cloud environments.

For the most part, it has been meeting our requirements for safe controls and just-in-time access.

It is the software that our call center uses all the time, and it is very important for us that Privileged Remote Access doesn't require a VPN. Otherwise, if the VPN is down or something like that, we won't be able to access a computer. With PRA, we're able to get to them even if the VPN is down.

The security provided by PRA when it comes to access for remote and privileged users is great. It is really good. They take a lot of interest and put effort into making sure that the product is very secure because everything has to go through the appliance.

It is easy to do things and set up everything. We have it integrated with Active Directory. So, the customer service group can log in really quickly and easily whenever they need to assist someone. It is a great product. I have no issue with it.

It is used by our IT engineers and customer services team. One of its great features is that you can install it on computers in the DMZ to which they usually don't have network access. They can then use it to access them. Because we all have to use our smart cards to log in, the ability to pass the smart card over to the client is the best thing. It is the golden feature that we like to use. It just makes it easier to quickly help people resolve any issues. A lot of times we try to monitor the computer in different ways, such as through on-calls, and it lets us in. If the elevator screen comes up, you can still view the screen, whereas if you are sharing your screen on Teams or something like that, it might blank out when you elevate your privileges. It is a necessary tool that we have. It is deeply integrated into our process.

It is very important that through the use of PRA, there is no need to share passwords with users. That's very much needed. We definitely don't want to share passwords with the clients. It is a highly needed feature, and it is great that we have that ability.

It offers SSO authentication, which is very important because it allows secure transmissions. We know that no one is eavesdropping. It meets all the latest security requirements. They're doing away with a lot of the older formats.

It is pretty good in terms of session auditing and monitoring of third-party and remote-worker access. It is very detailed, and it is very granular. I like the fact that it can record the actual session. You can pretty much audit anything.

I use the tool everyday. I am logged into it right now. It allows me to do my job. I know that I am using the right thing, looking at who goes into what. If somebody needs help with a secure site, I can usually hop and help them, then it is done. It is very good and flexible. It allows me to do my job quite well.

Having a single point of getting anywhere running through its box is like another firewall. It is controlling all access to our secure network so nothing else can get through. Outside of the firewall, it is our network security. 

Using BeyondTrust has made our end users happy because they have trouble logging into multiple sessions. Now, they only need to open the client to start a session. It has shortened and simplified various processes, like approval requests. They can do several sessions, with a session time of 15 minutes. 

From an administrative point of view, BeyondTrust has streamlined user onboarding, a never-ending process. Every day, we are onboarding and deactivating users on the server. It's easy, and I don't need to change passwords or worry about who has access. My users access the servers through PRA exclusively. It's enough to remove a user's access to the server from PRA. Later, I can clean up the password or access control.

I can remove user access with one click, then figure out the other offboarding activities later. It's convenient for an administrator and the end users. Every channel has been monitored and recorded, so it's highly secure.

After getting the password, a user can initiate a direct connection to the target server. Any user working on a server can log into Password Safe to pull the password and store it somewhere. Next time, they won't need to log in to Password Safe. After that, they will directly initiate the session. PRA has a connector that allows it to retrieve the password. 

PRA also doesn't require a VPN, which is a substantial cost saving for our organization. In the past, we needed a VPN license for every administrator operating from home to connect to the server. That's a massive expenditure. By implementing PRA, we could completely get rid of our VPN solution. It works like Microsoft but allows direct access, so I don't need to worry about a VPN. I log in to my PRA control and initiate the session. It's easy for any user. A domain name is more than enough. I can log into my PRA control, and I'll be able to access my server.

It has put us at the forefront when it comes to security, auditing, and meeting SOX requirements. It is a top-notch solution for us in these aspects. Security is the key to fulfilling SOX requirements. Ever since we deployed it, we are able to provide external auditors, who audit the company, with recordings of who is in the environment. We are able to see what is happening. We are able to provide access durations and show who is accessing what and who has been given permission to access. It has really helped us in those aspects.

The fact that PRA does not require a VPN goes a long way for us because instead of our external users installing different VPN applications and having different user names and passwords for different applications, they can just make use of it via the web. They don't need to install an application, which is a very cool and nice feature for us.

In terms of security provided by PRA when it comes to access for remote and privileged users, the users get to access only what they are permitted to access. They can't go beyond what they're allowed to access. You don't have to give anybody the credentials to privilege accounts. The solution allows you to do account injection while you are using the solution, which is really good for us. So, you can do credential injection while accessing the solution, which is a top-notch security feature for us where you get to manage privileged credentials within the organization.

It is available in multiple formats. It is available as a physical and virtual appliance, or as SaaS. When we did the PoC, it was before COVID. We did the on-prem deployment for the PoC, but immediately after the PoC, COVID came, and we started to think of what will happen when we are not physically present. So, we had to go for the cloud solution, which is quite cool as well. It takes the burden away from IT admins, and we don't have to think of how many servers we have to manage.

It is important that through the use of PRA, there is no need to share passwords with users. We are able to do credential injection where you don't get to give users privileged user accounts. With the solution, we're able to do the privilege injection, which makes it perfect for us. Nobody gets to hold onto the privileged accounts. With the solution, we are able to inject it, which is good for us.

We are mainly using it to give access to third-party vendors. In order to ensure that we monitor the activities of what they're doing, we use PRA for their access. All our external users come in through PRA. For every internal user, we use the regular VPN. We are also looking into the cost of getting more PRA licenses if we are going to put every other user in the company on it.

We have integrated it with our Active Directory, which allows us to apply our Active Directory password policies. We don't need to create any other user account for whoever is coming in. We just get to create a user in Active Directory, and password policies are already applied. So, users come in by using the Active Directory credentials, which is another level of security as well.

Since PRA eliminates the need for a VPN, this has translated into cost reduction and reduced complexity. PRA has eliminated the human factor from managing critical credentials; it has restricted access only to specified devices and only on specific ports. The solution provides very restricted and very specific access, both in terms of the endpoints of devices being accessed and in terms of the protocols that are available to initiate the session.

It has almost removed all the burdens that we had due to partner interactions via the VPN. The portal is easy to use and the self-service is really well-designed. End users are able to work without a lot of intervention from our teams. Also, when there is an issue with a password or two-factor authentication, they can reset it using the self-service option. There is not much to do now when supporting external partners.

Privileged Remote Access has improved external access to our network, which has had a positive impact on our network security.

It is very important to us that, through use of PRA, there isn't a need to share passwords with users. One of the basic best practices for securities is to avoid sharing passwords. We try to enforce this in our organization, so this is something that is mandatory for us.

It is used 90% of the time by external vendors and partners. That is the main reason why we bought this product. In terms of an attack in the network, PRA limits the possibility of access into our internal networks. The only point where they have access is PRA. According to its design, you can only access what has been configured. At the end of the day, we don't worry about what the external vendor can access on our internal network. We are just working on making sure that we give them the highest access to PRA.

In terms of security, PRA offers SSO authentication, which is a plus. It is very important to limit the use of multiple passwords, then we can just help a user focus on their jobs, not handling data passwords. 

Our client was using a different product, and they were not able to manage some critical parts. So, they started looking for a replacement, and they found BeyondTrust. As soon as they brought in this product, it was a very easy configuration. Implementing this product was very easy. It doesn't require much. It is very simple, and we can implement it in a week or two, which is what I like about BeyondTrust. It takes much longer to bring in other products. It is also very easy to bring privileged accounts into the product. It is much easier to do management and operational tasks as compared to other solutions.

It is very simple. You just open the URL, and you'll be able to see all your servers. Previously, it was a very tough task. There was either direct access or a VPN. There were a lot of restrictions for connecting to the VPN. There were also some other restrictions to access other products, such as if they want to go for SSO and other things. BeyondTrust is very easy. The users can open a URL, and they will be able to see all their servers. It is very easy for the users, and we are getting very good feedback from the users as well. Previously, there were multiple steps to connect, and now, there is only one step to connect to the servers remotely.

It is a very secure product, which is very important for us. For example, there are 5 to 10 users of an application, and everybody has access to a different machine. With this product, we can easily do segregation of duties and segregation of the server connectivity. Everybody is able to see the servers, but only those people who have access will be able to log into a server with a single click. It is a great tool, and everything has improved over here. Until now, we haven't faced any issues with this product. It is very simple and secure.

We use the vault for service account management. All the passwords and all the credentials get vaulted. In the PRA console, users can select the correct credential and log in. They don't have to know or see the actual password. Whenever a privileged account is managed by a PAM solution, there is a connector between the PRA solution and the PAM solution. This connector gets the credentials and injects them without any manual intervention. Other solutions also have this feature, but in BeyondTrust, it is very simple and different. The connector does all the work in the background.

It does good discovery. When we are trying to pull the local accounts, every local account is visible in the scanned report, and we can easily identify that this is a local account. We'll also be able to get a list of the domain accounts parallelly. There is a clear set of data indicating whether an account is a domain account or a local account. For cross verification, we also check with the application team whether these accounts are domain accounts or local accounts. The scanner works very well for us.

We can bring all kinds of accounts into the solution. Most products target privileged accounts or the accounts with privileged access. With this product, you can segregate a privileged account, a local account, and a normal account or a user account with the least privilege. All these accounts can be brought into the solution.

Through the use of PRA, there is no need to share passwords with users. There is no password sharing. Everything is vaulted. There are two types of integration in PRA. One is with the privileged accounts that are already managed by the PAM solution. The other one is with the least privileged accounts, such as a local account or a test account. Those accounts will be managed by the end-users. If I have the access to the privileged account, my password will be injected from the other solution by using the connector from PAM to PRA. If I have a local account on a test server or a development environment, the connection will be initiated from the PRA solution, and it'll be encrypted and monitored. All other features will also be there. I only have to key in the password.

We use the solution to provide access to third-party vendors. We can't create an AD account or some other account for the vendors in my organization because of some security and violation concerns. With the PRA solution, it is very easy. I can just add or create an account, and I can map this account only for the PRA solution. Whenever they log in, all the sessions are recorded. In case of any violation or issue, I have the recorded session. I can go and check what happened to the server. This way, it helps the vendors a lot, and a vendor doesn't need my intervention whenever they want to log in, even if he is in a different timezone. Previously, I had to be available for the session. I used to share the session via some other third-party platform, such as Teams or Skype, and my availability was very important. If I close the session, the session would get closed for them too.

It offers SSO authentication. We have multi-factor authentication, and we have RADIUS and other authentications. Multi-factor authentication is mandatory across any application or any URL.

In terms of session auditing and monitoring of third-party and remote work access, I have worked with another solution that was only for privileged accounts or privileged servers. PRA can be used for both privileged accounts and non-privileged accounts in the development environment. All transactions or accesses get checked and recorded. So, it is very easy for an administrator to manage the solution across the organization.

Initially, we had a different VPN set up for our external vendors, and working for a pharmaceutical company, we had a lot of equipment vendors telecommuting in to do maintenance on the equipment. Using BeyondTrust PRA streamlined this process; it made it easy for us to manage and distribute the proper certificates and assign privileges to all external users. If one of the remote parties got a new employee, we would set up an access account using their name, providing the same permissions as their coworkers to manage parts of our infrastructure. This was an excellent addition to our company and alleviated a lot of pressure from our support staff.

We signed a contract with a new IT management firm that took over our IT support. That's 300 new employees that needed access to the right groups, et cetera. It took just one day to create the 300 accounts and assign them to the proper teams. PRA streamlines the onboarding process, even for large groups of new remote helpers, setting up the correct templates, having the Discovery in place, and assigning and revoking access.

The company wanted more secure desktops, and the solution provided that. Previously, everybody was an admin of the desktops, and they suffered a cryptographic lock attack. They recovered from this and implemented PRA to avoid repeating the scenario. They bought 500 licenses, the estimated number of staff using the legacy applications. They planned to upgrade to around 1000 licenses a few months later, realizing they had other applications that necessitated this kind of solution. 

There are many different ways to configure this solution in order to provide what we need. Depending on the kind of system that we're supporting, we can directly access the server, and application, or even a web page.