Compliance Reporting End-to-end reporting ensures the governance of your enterprise's passwords are well managed, and reported when required.

Many different types of scheduled reports, over 100 different Audit events, and real-time alerting ensures your business is compliant with various regulatory acts like NIST, PCI DDS, HIPAA, NERC/CIP, SOX.




Essential Compliance

Use Passwordstate to help your organization reach NIST, PCI DDS, HIPAA, NERC/CIP and SOX compliance. For an informational checklist on how Passwordstate can help with each of these acts, please click here Request Compliance Checklist

Access Management

Passwordstate has granular role based access, so segregation of access is possible. Read, modify and administrator permissions can be granted to Password Lists and individual Passwords, either to individual users or to members of a Security Group. Security Administrators (who administer the whole system) have 12 different access roles which can be applied.

Compliance reporting

Passwordstate records over 100 different types of audit events, all of which can be reported on when required. You can see a complete list of audit reports here - Compliance Reporting. For a full list of Reports and Audit events, please see 'Available Reports' further down on this page.

Real-time Email Notifications

Passwordstate has 54 different types of real-time email notifications, all of which help keep everybody informed about what's occurring in the system. You can see a complete list of Email Notifications here - Email Notifications.

Password Length and Complexity

As users create and edit passwords records in Passwordstate, they’re provided visual recommendations for how strong the password strength is based on policies set by the Security Administrators.

Tracking and reporting of password resets

Each password within Passwordstate can have an expiry date set, with reporting and email/visual reminders as a result. Automatic Password Rotation is also possible.

Password Reset Recommendations

When a user’s access to passwords is removed, a recommendation email is sent to each of the Password List Administrators recommending they reset the appropriate passwords.

SIEM Integration

In addition to the comprehensive auditing capabilities within Passwordstate, you can also integrate Passwordstate with your SIEM implementation for consolidated event correlation.

Available Reports

The following types of reports are available in Passwordstate, either on demand, or per the schedule you set. All reports can be delivered in either HTML or csv file format.

  • Standard Permissions Report
  • Enumerated Permissions Report
  • Password Strength Report
  • All Passwords Report
  • Aged Passwords Report
  • Password History Report
  • Active Directory Synchronization Report
  • Audit Records - General
  • Audit Records - Passwords
  • Password Reuse Report
  • Security Administrators
  • Security Group Membership
  • User Accounts
  • User's Historical Password Activity
  • User's Last Accessed vs Updated
  • User's Password List and Folder Permissions

For the Auditing Reports, and on each of the Auditing Screens, the following activities can be reported against:
  • Access Granted
  • Access Removed
  • Access to Password Approved
  • Access to Password Denied
  • Access to Password Requested
  • Access to Password List Approved
  • Access to Password List Denied
  • Access to Password List Requested
  • Access Updated
  • All Passwords Exported
  • Audit Records Purged
  • Discovery Job Added
  • Discovery Job Deleted
  • Discovery Job Updated
  • Discovery Job Permissions Added
  • Discovery Job Permissions Removed
  • Document Deleted
  • Document Updated
  • Document Uploaded
  • Document Viewed
  • Email Sent
  • Email Template Enabled
  • Email Template Disabled
  • Email Template Updated
  • Emergency Access Event
  • Encryption Key Rotation
  • Encryption Keys Exported
  • Failed API Call
  • Handshake Approval Requested
  • Host Added
  • Host Deleted
  • Host Updated
  • Host Permissions Added
  • Host Permissions Removed
  • Login Attempt Failed
  • Login Attempt Succeeded
  • Password Added
  • Password Copied Between Password Lists
  • Password Copied to Clipboard
  • Password Deleted
  • Password History Exported
  • Password History Retrieved
  • Password List Added
  • Password List Authentication
  • Password List Deleted
  • Password List Retrieved
  • Password List Updated
  • Password Moved
  • Password Navigation Tree Updated
  • Password Restored
  • Password Retrieved
  • Password Screen Opened
  • Password Reset Failed
  • Password Reset Successful
  • Password Reset Script Added
  • Password Reset Script Deleted
  • Password Reset Script Updated
  • Password Reset Script Permissions Added
  • Password Reset Script Permissions Removed
  • Password Reset Task Added
  • Password Reset Task Deleted
  • Password Reset Task Updated
  • Password Updated
  • Password Validation Failed
  • Password Validation Script Added
  • Password Validation Script Deleted
  • Password Validation Script Updated
  • Password Validation Script Permissions Removed
  • Password Validation Script Permissions Added
  • Password Validation Successful
  • Password Viewed
  • Passwords Exported
  • Privileged Account Credentials Added
  • Privileged Account Credentials Deleted
  • Privileged Account Credentials Updated
  • Privileged Account Credentials Permissions Added
  • Privileged Account Credentials Permissions Removed
  • Remote Session Connection
  • Reporting
  • Security Administrator Added
  • Security Administrator Removed
  • Security Administrator Role Updated
  • Security Group Added
  • Security Group Updated
  • Security Group Deleted
  • Self Destruct Message Read
  • Self Destruct Message Sent
  • Template Access Granted
  • Template Access Removed
  • Template Access Updated
  • Template Added
  • Template Deleted
  • Template Updated
  • User Account Added
  • User Account Added to Security Group
  • User Account Disabled
  • User Account Enabled
  • User Account Updated
  • User Account Deleted
  • User Accounts Exported
  • User Identity Impersonated
  • User Removed From Security Group
  • UserName Copied to Clipboard