Export/Import data across PAM servers version 3

Idea created by Jordi-Palomeras-i-Porta Employee on Jun 7, 2018
    New
    Score13

    Security and privacy are crucial to keep the data safe, so not allowing a raw data export / import to another PAM server, like PAM 2.x did, seems really a good thought.
    For this reason, PAM version 3 restricts the import data to the same PAM server it comes from.

     

    However, there could be different scenarios where it could be useful to import the data from a PAM server into another PAM server. I am thinking about troubleshooting purposes, creating a test environment with the same data you have in production, hardware appliance replacement for a hardware crash, customer internal education, and so on.


    That is why I would suggest to have an export procedure asking for a 'secret string' which was used to encrypt the exported data and an import procedure requiring the 'secret string' to decrypt the imported data.
    Doing so, the data could be exported from and imported to any appliance running the same PAM Server version and it will keep safe as just the people knowing the 'secret string' would be able to import it.