Privileged Administra0on Best Prac0ces :: September 1, 2015

Size: px
Start display at page:

Download "Privileged Administra0on Best Prac0ces :: September 1, 2015"

Transcription

1 Privileged Administra0on Best Prac0ces :: September 1, 2015

2 Discussion Contents Privileged Access and Administra1on Best Prac1ces 1) Overview of Capabili0es Defini0on of Need 2) Preparing your PxM Program Understanding the Landscape Scoping Ques0onnaire 3) Market Trends PxM Overview Vendor Space 4) Best Prac0ces 5) Cri0cal Success Factors Page: 2

3 Definition of need Current problem: Insider threat 55% of incidents was privilege abuse which is the defining characteris0c of the internal actor breach. We see individuals abusing the access they have been entrusted with by their organiza0on in virtually every industry. Verizon Globally 89% of respondents felt that their organiza0on was now more at risk from an insider a_ack; 34% felt very or extremely vulnerable. Vormetric Found half (52%) of employees see no security risk to their employer in sharing work logins. Insider Threat Persona Study Page: 3

4 Definition of need 2015 Vormetric Insider Threat Report When asked about who posed the biggest internal threat to corporate data, a massive 55% of respondents said privileged users, nine percentage points behind on 46% were contractors and service providers, and then business partners at 43%. Vormetric Page: 4

5 Definition of need 2015 Vormetric Insider Threat Report Databases, file servers, and the cloud hold the vast bulk of sensi0ve data assets, but for many (38%) mobile is perceived as a high- risk area of concern. Vormetric Page: 5

6 Definition of need Compliance to Regulations, Standards, Frameworks FFIEC, SOX, HIPAA Authoriza0on for privileged access should be 0ghtly controlled. PCI DSS Standards: Remove development, test and custom applica0on accounts, user IDs, and passwords before applica0ons become ac0ve or are released to customers Establish a process for linking all access to system components to each individual user especially access done with administra0ve privileges Implement automated audit trails for all system components for reconstruc0ng these events all ac0ons taken by any individual with root or administra0ve privileges COBIT 5 Framework General IT Controls for privileged accounts which include provisioning, de- provisioning and access review Page: 6

7 Capabilities Overview What exactly is a Privileged Account? Root, superuser, administrator, system, or service accounts, emergency account, or plain user accounts with excessive privilege. These accounts may be anonymous, shared, hard- coded and seldom changed, a challenge to track or audit. What are risk surrounding Privileged Accounts? Privileged accounts allow unrestricted access with li_le or no tracking; may violate principle of least privilege, and can place business cri0cal systems at risk if lej un- managed What is Privileged Account Management? They are tools and techniques for gaining control over the use of privileged accounts. Tools and techniques include password check- out mechanism, command filtering, and session monitoring What is PxM? Privileged Account Management Privileged Access Management Privileged Iden0ty Management Privileged User Management Page: 7

8 Privileged Account Management Iden0ty and Access Management Lifecycle SAPM SUPM PSM AAPM Shared Account Password Management Super User Privilege Management Privileged Session Management Applica0on to Applica0on Password Management DATA ANALYTICS Page: 8

9 SAPM: Shared Account Password Management Solu0ons that fall into this category will provide an encrypted and hardened password safe or vault for storing creden0als, keys and other secret informa0on. SAPM products will control access to shared accounts, allowing authorized users to access them. Ideally, these users will not see the actual passwords. Page: 9

10 SUPM: Super User Password Management SUPM tools work by allowing certain commands to be run under elevated privileges, or by restric0ng commands that can be executed. A common example - the "sudo" command on many UNIX and Linux systems, or the "run as" command for Microsoj Windows. These commands allow a user to run a command under the privilege level of another user (typically of an administrator or superuser). Vendor implementa0on control versus complexity Kernel based Host based Gateway based Page: 10

11 PSM: Privilege Session Management Session establishment and session recording Start recording beginning- to- end of session or when the user starts execu0ng privileged commands. Real- 0me visibility and aler0ng Session recording and live monitoring of privileged sessions. Managers or administrators can intervene or even terminate the session if necessary. Page: 11

12 AAPM: Applica0on to Applica0on Password Management AAPM tools are add- ons to SAPM tools, and are used to eliminate hard- coded passwords or creden0als stored in configura0on files. Creden0als are pulled from the vault using a proprietary interface provided by the PxM vendor. These interfaces are usually in the form of APIs, sojware developer kits (SDKs) and command line interfaces (CLIs), and require applica0ons or scripts to be modified. Page: 12

13 Preparing your PxM Program Understanding the Landscape SaaS PaaS IaaS Page: 13

14 Market Trends Emerging COTS Market ~ 20 vendors Niche players - Best- of- breed - full suite Capabili0es are rapidly expanding Variances in TCO and technical extensibility Requires focused analysis Define Use Cases 1 st Vendor Selec0on 2nd Page: 14

15 COTS Solu0on Scorecard Functional,Capabilities Technical,Capabilities Usability Business,Performance Top,5,Vendor, Solutions SAPM SUPM PSM AAPM Integration API, Extensibility Scalability,&, Performance Administration Market, Position Sustainability CA CyberArk Dell NetIQ ManageEngine Top$5$$Solu)ons$per$Weighted$Scores$ SAPM" " Sustainability" 80" SUPM" " CA" Market" 40" PSM" CyberArk" Posi4on" " " Dell" Administra4on" AAPM" 40 NetIQ" Scalability"&" Performance" API" Extensibility" Integra4on" ManageEngine" Tailor criteria to meet your unique needs Apply weight to designate priority Emerging space; vendors are rapidly expanding/strengthening their capabili0es Page: 15

16 Cri0cal Success Factors 1) Solicit adequate representa0on across Compliance, IT, Opera0ons, Security 2) Understand linkage to upstream/downstream IDLM and SIEM processes and solu0ons 3) Ar0culate desired PxM outcomes 4) Perform solu0on evalua0on/rfp ajer defining Use Case Scenarios 5) Promote project objec0ves: Effec0ve communica0on is key 6) Rou0nely align PxM milestones within context of Informa0on Security and IAM Program Roadmaps 7) Involve Admins early Bo5om Line: Evolving PxM in context of broader Informa>on Security program will yield sustainable control objec>ves Page: 16

17 Best Prac0ces Founda0onal 1. Ensure exis0ng access privileges are properly aligned with current job roles 2. Enforce principle of least privilege fine- grained access 3. Ensure the segrega0on of du0es 4. Do not share user creden0als 5. Know why the privileged account exists. 6. Know who is accountable for its existence. 7. Document who approved it and why. 8. Periodic review of the privileged accounts 9. Do not reuse sojware accounts 10. Eliminate hard coded passwords Page: 17

18 Best Prac0ces PxM Technology 1. Discovery and profiling for PxM accounts prior to building the architecture ~ categorize 2. The PxM system a. Protect the keys to the creden0al vault b. Must be configured for high availability and failover (loca0on, access, etc.) c. Ensure no single point of failure 3. Premise of PxM password management a. Password change process should be protected against race condi0ons b. Time limit access - can be configured to change every 24 hours c. Should not be changed when in use by users or programs 4. Make use of session monitoring with full playback 5. Integrate with repor0ng and analy0cs to gain greater insights Page: 18

19 Resources CW_GlobalReport_2015_Insider_threat_Vormetric_Single_Pages_ pdf Privileged_Identity_Management.pdf Page: 19

20 About Clango Consul1ng organiza1on specializing in Iden1ty and Access Governance Services IAM Ra0onaliza0on Strategy & Planning Solu0on Evalua0on Architecture Integra0on Func0onal Enhancements Profile years of IAM specializa0on - Vendor- Neutral Analysis - Proven Methodologies - - Enabled 100 s of IAM deployments interna0onally Technology specific deep exper0se in partner products Capability Exper0se Access Governance Role Lifecycle Management Cer0fica0ons Iden0ty Lifecycle Management User & Account Provisioning Authen0ca0on Services Federa0on/SSO/TFA Adap0ve Authen0ca0on Privileged Access Administra0on Technology enhancements Iden0ty Func0onal Enhancements Solu0on Coverage RSA NetIQ Oracle ForgeRock CyberArk Page: 20

21 Commercial 7701 France Avenue, Suite 400 Edina, MN Federal 2107 Wilson Blvd, Suite 100 Arlington, VA 22201

Identity and Access Positioning of Paradgimo

Identity and Access Positioning of Paradgimo 1 1 Identity and Access Positioning of Paradgimo Olivier Naveau Managing Director assisted by Bruno Guillaume, CISSP IAM in 4D 1. Data Model 2. Functions & Processes 3. Key Components 4. Business Values

More information

SUMMIT. November 2010

SUMMIT. November 2010 SUMMIT November 2010 Why Summit? Comprehensive Summit provides a unified approach to IT enterprise management following a prescriptive, ITIL based framework Rapid Deployment Summit is developed for and

More information

Interagency Advisory Board Meeting Agenda, Wednesday, September 26, 2012

Interagency Advisory Board Meeting Agenda, Wednesday, September 26, 2012 Interagency Advisory Board Meeting Agenda, Wednesday, September 26, 2012 1. Opening Remarks 2. Enabling the Mobile Government Workforce with PIV Credentials in a BYOD Future (Neville Pattinson, Gemalto)

More information

Interna'onal Standards Ac'vi'es on Cloud Security EVA KUIPER, CISA CISSP EVA.KUIPER@HP.COM HP ENTERPRISE SECURITY SERVICES

Interna'onal Standards Ac'vi'es on Cloud Security EVA KUIPER, CISA CISSP EVA.KUIPER@HP.COM HP ENTERPRISE SECURITY SERVICES Interna'onal Standards Ac'vi'es on Cloud Security EVA KUIPER, CISA CISSP EVA.KUIPER@HP.COM HP ENTERPRISE SECURITY SERVICES Agenda Importance of Common Cloud Standards Outline current work undertaken Define

More information

Project Por)olio Management

Project Por)olio Management Project Por)olio Management Important markers for IT intensive businesses Rest assured with Infolob s project management methodologies What is Project Por)olio Management? Project Por)olio Management (PPM)

More information

Zettaset Big Data Ecosystem Discussion Guide

Zettaset Big Data Ecosystem Discussion Guide Zettaset Big Data Ecosystem Discussion Guide Jim Vogt, President & CEO, Zettaset June 20, 2014 The informa,on provided in this document cons,tutes confiden,al and proprietary informa,on of Ze8aset, Inc.

More information

Managing Privileged Identities in the Cloud. How Privileged Identity Management Evolved to a Service Platform

Managing Privileged Identities in the Cloud. How Privileged Identity Management Evolved to a Service Platform Managing Privileged Identities in the Cloud How Privileged Identity Management Evolved to a Service Platform Managing Privileged Identities in the Cloud Contents Overview...3 Management Issues...3 Real-World

More information

Cloud Data Security. Sol Cates CSO @solcates scates@vormetric.com

Cloud Data Security. Sol Cates CSO @solcates scates@vormetric.com Cloud Data Security Sol Cates CSO @solcates scates@vormetric.com Agenda The Cloud Securing your data, in someone else s house Explore IT s Dirty Little Secret Why is Data so Vulnerable? A bit about Vormetric

More information

Qubera Solu+ons Access Governance a next genera0on approach to Iden0ty Management

Qubera Solu+ons Access Governance a next genera0on approach to Iden0ty Management Qubera Solu+ons Access Governance a next genera0on approach to Iden0ty Management Presented by: Toby Emden Prac0ce Director Iden0ty Management and Access Governance Agenda Typical Business Drivers for

More information

Top Practices in Health IT Compliance. Data Breach & Leading Program Prac3ces

Top Practices in Health IT Compliance. Data Breach & Leading Program Prac3ces Top Practices in Health IT Compliance Data Breach & Leading Program Prac3ces Overview Introduc3on to ID Experts & Secure Digital Solu3ons Healthcare Data Breach Trends & Drivers Data Incident Management

More information

B2B Offerings. Helping businesses op2mize. Infolob s amazing b2b offerings helps your company achieve maximum produc2vity

B2B Offerings. Helping businesses op2mize. Infolob s amazing b2b offerings helps your company achieve maximum produc2vity B2B Offerings Helping businesses op2mize Infolob s amazing b2b offerings helps your company achieve maximum produc2vity What is B2B? B2B is shorthand for the sales prac4ce called business- to- business

More information

Panorama Consulting Group. PERFECT Fit ERP Selection Framework

Panorama Consulting Group. PERFECT Fit ERP Selection Framework Panorama Consulting Group PERFECT Fit ERP Selection Framework 1 Goals of the meeting Meeting Goals and Agenda Help Panorama better understand the Client Address questions about Panorama s ERP selection

More information

Cloud Data Security and the Insider Threat

Cloud Data Security and the Insider Threat Cloud Data Security and the Insider Threat Sol Cates CSO @solcates scates@vormetric.com Copyright 2014 Vormetric, Inc. All rights reserved. A bit about me InfoSec for ~ 18 years Currently have 4 jobs Infrastructure

More information

Webinar: Having the Best of Both World- Class Customer Experience and Comprehensive Iden=ty Security

Webinar: Having the Best of Both World- Class Customer Experience and Comprehensive Iden=ty Security Webinar: Having the Best of Both World- Class Customer Experience and Comprehensive Iden=ty Security With Iden>ty Expert and UnboundID Customer Bill Bonney Today s Speakers Bill Bonney Formerly Director,

More information

Effec%ve AX 2012 Upgrade Project Planning and Microso< Sure Step. Arbela Technologies

Effec%ve AX 2012 Upgrade Project Planning and Microso< Sure Step. Arbela Technologies Effec%ve AX 2012 Upgrade Project Planning and Microso< Sure Step Arbela Technologies Why Upgrade? What to do? How to do it? Tools and templates Agenda Sure Step 2012 Ax2012 Upgrade specific steps Checklist

More information

How To Perform a SaaS Applica7on Inventory in. 5Simple Steps. A Guide for Informa7on Security Professionals. Share this ebook

How To Perform a SaaS Applica7on Inventory in. 5Simple Steps. A Guide for Informa7on Security Professionals. Share this ebook How To Perform a SaaS Applica7on Inventory in 5Simple Steps A Guide for Informa7on Security Professionals WHY SHOULD I READ THIS? This book will help you, the person in the organiza=on who cares deeply

More information

Cost Effec/ve Approaches to Best Prac/ces in Data Analy/cs for Internal Audit

Cost Effec/ve Approaches to Best Prac/ces in Data Analy/cs for Internal Audit Cost Effec/ve Approaches to Best Prac/ces in Data Analy/cs for Internal Audit Presented to: ISACA and IIA Joint Mee/ng October 10, 2014 By Outline Introduc.on The Evolving Role of Internal Audit The importance

More information

FTC Data Security Standard

FTC Data Security Standard FTC Data Security Standard The FTC takes the posi6on (Being tested now in li6ga6on) that Sec6on 5 of the FTC Act requires Reasonable Security under the circumstances: that companies have reasonable controls

More information

Managed Services. An essen/al set of tools for today's businesses

Managed Services. An essen/al set of tools for today's businesses Managed Services An essen/al set of tools for today's businesses Manage your enterprise better with a holis/c solu/on to all your IT worries only at Infolob What are Managed Services? By far the most cu/ng

More information

San Francisco Chapter. Presented by Mike O. Villegas, CISA, CISSP

San Francisco Chapter. Presented by Mike O. Villegas, CISA, CISSP Presented by Mike O. Villegas, CISA, CISSP Agenda Information Security (IS) Vision at Newegg.com Typical Issues at Most Organizations Information Security Governance Four Inter-related CoBIT Domains ISO

More information

Cloud Compu)ng in Educa)on and Research

Cloud Compu)ng in Educa)on and Research Cloud Compu)ng in Educa)on and Research Dr. Wajdi Loua) Sfax University, Tunisia ESPRIT - December 2014 04/12/14 1 Outline Challenges in Educa)on and Research SaaS, PaaS and IaaS for Educa)on and Research

More information

Everything You Need to Know about Cloud BI. Freek Kamst

Everything You Need to Know about Cloud BI. Freek Kamst Everything You Need to Know about Cloud BI Freek Kamst Business Analy2cs Insight, Bussum June 10th, 2014 What s it all about? Has anything changed in the world of BI? Is Cloud Compu2ng a Hype or here to

More information

Payments Cards and Mobile Consul3ng Overview 2013

Payments Cards and Mobile Consul3ng Overview 2013 Payments Cards and Mobile Consul3ng Overview 2013 Our Services A digital publishing and marke3ng pla4orm for the future of payments Publishing Research Consul0ng Public Rela0ons Marke0ng/Branding Corporate

More information

Online Enrollment Op>ons - Sales Training. 2011. Benefi+ocus.com, Inc. All rights reserved. Confiden>al and Proprietary 1

Online Enrollment Op>ons - Sales Training. 2011. Benefi+ocus.com, Inc. All rights reserved. Confiden>al and Proprietary 1 Online Enrollment Op>ons - Sales Training 2011. Benefi+ocus.com, Inc. All rights reserved. Confiden>al and Proprietary 1 Agenda Understand Why This is Important Enrollment Op>ons Available EDI Blues Enroll

More information

Introduc)on to the IoT- A methodology

Introduc)on to the IoT- A methodology 10/11/14 1 Introduc)on to the IoTA methodology Olivier SAVRY CEA LETI 10/11/14 2 IoTA Objec)ves Provide a reference model of architecture (ARM) based on Interoperability Scalability Security and Privacy

More information

Developing Your Roadmap The Association of Independent Colleges and Universities of Massachusetts. October 3, 2013

Developing Your Roadmap The Association of Independent Colleges and Universities of Massachusetts. October 3, 2013 Developing Your Roadmap The Association of Independent Colleges and Universities of Massachusetts October 3, 2013 Agenda 1. Introductions 2. Higher Ed Industry Trends 3. Technology Trends in Higher Ed

More information

S24 Virtualiza.on Security from the Auditor Perspec.ve

S24 Virtualiza.on Security from the Auditor Perspec.ve S24 Virtualiza.on Security from the Auditor Perspec.ve Rob Clyde, CEO, Adap.ve Compu.ng; former CTO, Symantec David Lu, Senior Product Manager, Trend Micro Hemma Prafullchandra, CTO/SVP Products, HyTrust

More information

Using FICAM as a model for TSCP Best Prac:ces in Physical Iden:ty and Access Management. TSCP Symposium November 2013

Using FICAM as a model for TSCP Best Prac:ces in Physical Iden:ty and Access Management. TSCP Symposium November 2013 Using FICAM as a model for TSCP Best Prac:ces in Physical Iden:ty and Access Management TSCP Symposium November 2013 Quantum Secure s Focus on FICAM and Related Standards Complete Suite of Physical Iden:ty

More information

Protec'ng Informa'on Assets - Week 8 - Business Continuity and Disaster Recovery Planning. MIS 5206 Protec/ng Informa/on Assets Greg Senko

Protec'ng Informa'on Assets - Week 8 - Business Continuity and Disaster Recovery Planning. MIS 5206 Protec/ng Informa/on Assets Greg Senko Protec'ng Informa'on Assets - Week 8 - Business Continuity and Disaster Recovery Planning MIS5206 Week 8 In the News Readings In Class Case Study BCP/DRP Test Taking Tip Quiz In the News Discuss items

More information

Cloud Security and Managing Use Risks

Cloud Security and Managing Use Risks Carl F. Allen, CISM, CRISC, MBA Director, Information Systems Security Intermountain Healthcare Regulatory Compliance External Audit Legal and ediscovery Information Security Architecture Models Access

More information

DTCC Data Quality Survey Industry Report

DTCC Data Quality Survey Industry Report DTCC Data Quality Survey Industry Report November 2013 element 22 unlocking the power of your data Contents 1. Introduction 3 2. Approach and participants 4 3. Summary findings 5 4. Findings by topic 6

More information

PCI Compliance for Cloud Applications

PCI Compliance for Cloud Applications What Is It? The Payment Card Industry Data Security Standard (PCIDSS), in particular v3.0, aims to reduce credit card fraud by minimizing the risks associated with the transmission, processing, and storage

More information

So#ware quality assurance - introduc4on. Dr Ana Magazinius

So#ware quality assurance - introduc4on. Dr Ana Magazinius So#ware quality assurance - introduc4on Dr Ana Magazinius 1 What is quality? 2 What is a good quality car? 2 and 2 2 minutes 3 characteris4cs 3 What is quality? 4 What is quality? How good or bad something

More information

MPS & VPS: Not Just for Hos1ng!

MPS & VPS: Not Just for Hos1ng! MPS & VPS: Not Just for Hos1ng! Ivan Hur) Sr. Product Manager Verio Inc Privileged and Confiden/al: NDA Required for External Disclosure 2/11/10 1 Privileged and Confiden/al: NDA Required for External

More information

The Pitfalls of Encrypted Networks in Banking Operations Compliance Success in two industry cases

The Pitfalls of Encrypted Networks in Banking Operations Compliance Success in two industry cases The Pitfalls of Encrypted Networks in Banking Operations Compliance Success in two industry cases Elba Horta Regional Sales Manager, Southern Europe SSH Communica1ons Security elba.horta@ssh.com ENABLE,

More information

Privileged Account Management Mar3n Cannard, Security Solu3ons Architect

Privileged Account Management Mar3n Cannard, Security Solu3ons Architect Privileged Account Management Mar3n Cannard, Security Solu3ons Architect Customer Use Cases - Introduc3on A US-based Natural Gas and Electric company serving multiple states Project Requirements Only grant

More information

Business Analysis Center of Excellence The Cornerstone of Business Transformation

Business Analysis Center of Excellence The Cornerstone of Business Transformation February 20, 2013 Business Analysis Center of Excellence The Cornerstone of Business Transformation John E. Parker, CEO Enfocus Solutions Inc. www.enfocussolutions.com 0 John E. Parker (Introduc3on) President

More information

Modernizing EDI: How to Cut Your Migra6on Costs by Over 50%

Modernizing EDI: How to Cut Your Migra6on Costs by Over 50% Modernizing EDI: How to Cut Your Migra6on Costs by Over 50% EDI Moderniza6on: Before and ABer External Loca;ons, Partners, and Services Customers Suppliers / Service Providers Cloud/SaaS Applica;ons &

More information

Case Study. The SACM Journey at the Ontario Government

Case Study. The SACM Journey at the Ontario Government Case Study The SACM Journey at the Ontario Government Agenda Today s Objec=ves The Need for SACM Our SACM Journey Scope and Governance Process Ac=vi=es Key Process Roles Training and Measurement Lessons

More information

Informa.on Systems in Organiza.ons

Informa.on Systems in Organiza.ons Informa.on Systems in Organiza.ons MIS 2101 Week 7 / Chapter 7 Enhancing Business Processes Using Enterprise Informa.on Systems Photo: Objet Mathema+que by Man Ray, 1934 Chapter 7 Learning Objec.ves Core

More information

PCI DSS Compliance: The Importance of Privileged Management. Marco Zhang marco_zhang@dell.com

PCI DSS Compliance: The Importance of Privileged Management. Marco Zhang marco_zhang@dell.com PCI DSS Compliance: The Importance of Privileged Management Marco Zhang marco_zhang@dell.com What is a privileged account? 2 Lots of privileged accounts Network Devices Databases Servers Mainframes Applications

More information

Enterprise Systems Tech. solutions, strategic persp. and org. considerations. TDEI13, 2014-09- 17 Özgün Imre

Enterprise Systems Tech. solutions, strategic persp. and org. considerations. TDEI13, 2014-09- 17 Özgün Imre Enterprise Systems Tech. solutions, strategic persp. and org. considerations TDEI13, 2014-09- 17 Özgün Imre Agenda Report presenta=ons With candy as reward Literature Discussion Lee, Jinyoul; Keng Siau

More information

EXECUTIVE VIEW. CA Privileged Identity Manager. KuppingerCole Report

EXECUTIVE VIEW. CA Privileged Identity Manager. KuppingerCole Report KuppingerCole Report EXECUTIVE VIEW by Alexei Balaganski March 2015 is a comprehensive Privileged Identity Management solution for physical and virtual environments with a very broad range of supported

More information

Performance Management. Ch. 9 The Performance Measurement. Mechanism. Chiara Demar8ni UNIVERSITY OF PAVIA. mariachiara.demar8ni@unipv.

Performance Management. Ch. 9 The Performance Measurement. Mechanism. Chiara Demar8ni UNIVERSITY OF PAVIA. mariachiara.demar8ni@unipv. UNIVERSITY OF PAVIA Performance Management Ch. 9 The Performance Measurement Mechanism Chiara Demar8ni mariachiara.demar8ni@unipv.it Master in Interna+onal Business and Economics Defini8on Performance

More information

It s 2014 Do you Know where Your digital Identity is? Rapid Compliance with Governance Driven IAM. Toby Emden Vice President Strategy and Practices

It s 2014 Do you Know where Your digital Identity is? Rapid Compliance with Governance Driven IAM. Toby Emden Vice President Strategy and Practices It s 2014 Do you Know where Your digital Identity is? Rapid Compliance with Governance Driven IAM Toby Emden Vice President Strategy and Practices 2014 CONTENTS Evolution Business Drivers Provisioning

More information

2013 AWS Worldwide Public Sector Summit Washington, D.C.

2013 AWS Worldwide Public Sector Summit Washington, D.C. Washington, D.C. Next Generation Privileged Identity Management Control and Audit Privileged Access Across Hybrid Cloud Environments Ken Ammon, Chief Strategy Officer Who We Are Security software company

More information

BPO. Accerela*ng Revenue Enhancements Through Sales Support Services

BPO. Accerela*ng Revenue Enhancements Through Sales Support Services BPO Accerela*ng Revenue Enhancements Through Sales Support Services What is BPO? Business Process Outsorcing (BPO) is the process of outsourcing specific business func6ons to a third- party service provider

More information

MAXIMIZING THE SUCCESS OF YOUR E-PROCUREMENT TECHNOLOGY INVESTMENT. How to Drive Adop.on, Efficiency, and ROI for the Long Term

MAXIMIZING THE SUCCESS OF YOUR E-PROCUREMENT TECHNOLOGY INVESTMENT. How to Drive Adop.on, Efficiency, and ROI for the Long Term MAXIMIZING THE SUCCESS OF YOUR E-PROCUREMENT TECHNOLOGY INVESTMENT How to Drive Adop.on, Efficiency, and ROI for the Long Term What We Will Cover Today Presenta(on Agenda! Who We Are! Our History! Par7al

More information

Legacy Archiving How many lights do you leave on? September 14 th, 2015

Legacy Archiving How many lights do you leave on? September 14 th, 2015 Legacy Archiving How many lights do you leave on? September 14 th, 2015 1 Introductions Wendy Laposata, Himforma(cs Tom Chase, Cone Health 2 About Cone Health More than 100 loca=ons 6 hospitals, 3 ambulatory

More information

ISSA Phoenix Chapter Meeting Topic: Security Enablement & Risk Reducing Best Practices for BYOD + SaaS Cloud Apps

ISSA Phoenix Chapter Meeting Topic: Security Enablement & Risk Reducing Best Practices for BYOD + SaaS Cloud Apps ISSA Phoenix Chapter Meeting Topic: Security Enablement & Risk Reducing Best Practices for BYOD + SaaS Cloud Apps Agenda Security Enablement Concepts for BYOD & SaaS Cloud Apps! Intro and background! BYOD

More information

Securing Oracle E-Business Suite in the Cloud

Securing Oracle E-Business Suite in the Cloud Securing Oracle E-Business Suite in the Cloud November 18, 2015 Stephen Kost Chief Technology Officer Integrigy Corporation Phil Reimann Director of Business Development Integrigy Corporation Agenda The

More information

A R o a d t o y o u r C l o u d. Professional Service. C R M a n d C l o u d C o n s u l t i n g

A R o a d t o y o u r C l o u d. Professional Service. C R M a n d C l o u d C o n s u l t i n g RM-C A R o a d t o y o u r C l o u d Professional Service C R M a n d C l o u d C o n s u l t i n g CRM-C Highlights! A Unique Cloud CRM Consulting service firm! Specializing in cloud CRM and Office Collaboration

More information

Big Data. The Big Picture. Our flexible and efficient Big Data solu9ons open the door to new opportuni9es and new business areas

Big Data. The Big Picture. Our flexible and efficient Big Data solu9ons open the door to new opportuni9es and new business areas Big Data The Big Picture Our flexible and efficient Big Data solu9ons open the door to new opportuni9es and new business areas What is Big Data? Big Data gets its name because that s what it is data that

More information

Privilege Gone Wild: The State of Privileged Account Management in 2015

Privilege Gone Wild: The State of Privileged Account Management in 2015 Privilege Gone Wild: The State of Privileged Account Management in 2015 March 2015 1 Table of Contents... 4 Survey Results... 5 1. Risk is Recognized, and Control is Viewed as a Cross-Functional Need...

More information

Information and Communications Technology Supply Chain Risk Management (ICT SCRM) AND NIST Cybersecurity Framework

Information and Communications Technology Supply Chain Risk Management (ICT SCRM) AND NIST Cybersecurity Framework Information and Communications Technology Supply Chain Risk Management (ICT SCRM) AND NIST Cybersecurity Framework Don t screw with my chain, dude! Jon Boyens Computer Security Division IT Laboratory November

More information

Empowering Your Business in the Cloud Without Compromising Security

Empowering Your Business in the Cloud Without Compromising Security Empowering Your Business in the Cloud Without Compromising Security Cloud Security Fabric CloudLock offers the cloud security fabric for the enterprise that helps organizations protect their sensitive

More information

DDOS Mi'ga'on in RedIRIS. SIG- ISM. Vienna

DDOS Mi'ga'on in RedIRIS. SIG- ISM. Vienna DDOS Mi'ga'on in RedIRIS SIG- ISM. Vienna Index Evolu'on of DDOS a:acks in RedIRIS Mi'ga'on Tools Current DDOS strategy About RedIRIS Spanish Academic & research network. Universi'es, research centers,.

More information

Privilege Gone Wild: The State of Privileged Account Management in 2015

Privilege Gone Wild: The State of Privileged Account Management in 2015 Privilege Gone Wild: The State of Privileged Account Management in 2015 March 2015 1 Table of Contents... 4 Survey Results... 5 1. Risk is Recognized, and Control is Viewed as a Cross-Functional Need...

More information

With Great Power comes Great Responsibility: Managing Privileged Users

With Great Power comes Great Responsibility: Managing Privileged Users With Great Power comes Great Responsibility: Managing Privileged Users Darren Harmer Senior Systems Engineer Agenda What is a Privileged User Privileged User Why is it important? Security Intelligence

More information

configurability compares with typical SIEM & Log Management systems Able to install collectors on remote sites rather than pull all data

configurability compares with typical SIEM & Log Management systems Able to install collectors on remote sites rather than pull all data Software Comparison Sheet SIEM & Log OpViewTM from Software leverages a completely new database architecture to deliver the most flexible monitoring system available on the market today. This award-winning

More information

Windows Least Privilege Management and Beyond

Windows Least Privilege Management and Beyond CENTRIFY WHITE PAPER Windows Least Privilege Management and Beyond Abstract Devising an enterprise-wide privilege access scheme for Windows systems is complex (for example, each Window system object has

More information

CSN38:Tracking Privileged User Access within an ArcSight Logger and SIEM Environment Philip Lieberman, President and CEO

CSN38:Tracking Privileged User Access within an ArcSight Logger and SIEM Environment Philip Lieberman, President and CEO CSN38:Tracking Privileged User Access within an ArcSight Logger and SIEM Environment Philip Lieberman, President and CEO 2009 by Lieberman Software Corporation. Rev 20090921a Identity Management Definitions

More information

Splunk for Mobile Intelligence

Splunk for Mobile Intelligence Copyright 2014 Splunk Inc. Splunk for Mobile Intelligence Bill Emme< Director, Solu?ons Marke?ng Panos Papadopoulos Director, Product Management Disclaimer During the course of this presenta?on, we may

More information

configurability compares with typical Asset Monitoring systems Able to install collectors on remote sites rather than pull all data

configurability compares with typical Asset Monitoring systems Able to install collectors on remote sites rather than pull all data Software Comparison Sheet OpViewTM from Software leverages a completely new database architecture to deliver the most flexible monitoring system available on the market today. This award-winning solution

More information

Identity & Access Management The Cloud Perspective. Andrea Themistou 08 October 2015

Identity & Access Management The Cloud Perspective. Andrea Themistou 08 October 2015 Identity & Management The Cloud Perspective Andrea Themistou 08 October 2015 Agenda Cloud Adoption Benefits & Risks Security Evolution for Cloud Adoption Securing Cloud Applications with IAM Securing Cloud

More information

Approach for Enterprise Architecture Executive Committee. December 3, 2014 Wednesday 11:00AM - 12:00PM Smith Center 561

Approach for Enterprise Architecture Executive Committee. December 3, 2014 Wednesday 11:00AM - 12:00PM Smith Center 561 Approach for Enterprise Architecture Executive Committee December 3, 2014 Wednesday 11:00AM - 12:00PM Smith Center 561 Agenda The EA Vision Milestones for EA at Harvard Governance EA Program Approach Definition

More information

Mobile Payments World. Consul4ng Overview 2013

Mobile Payments World. Consul4ng Overview 2013 Mobile Payments World Consul4ng Overview 2013 About Us Payments Cards and Mobile Consul4ng occupies a niche posi4on in the market. We have been in business for more than 17 years and through our Publica4ons

More information

Connec(ng to the NC Educa(on Cloud

Connec(ng to the NC Educa(on Cloud NC Educa)on Cloud Connec(ng to the NC Educa(on Cloud May 2012 Update! http://cloud.fi.ncsu.edu! Dave Furiness, MCNC! Phil Emer, Friday Institute! 1 First Things First Year one was about planning we are

More information

Tim Blevins Execu;ve Director Labor and Revenue Solu;ons. FTA Technology Conference August 4th, 2015

Tim Blevins Execu;ve Director Labor and Revenue Solu;ons. FTA Technology Conference August 4th, 2015 Tim Blevins Execu;ve Director Labor and Revenue Solu;ons FTA Technology Conference August 4th, 2015 Governance and Organiza;onal Strategy PaIerns of Fraud and Abuse in Government What tools can we use

More information

RESEARCH NOTE CYBER-ARK FOR PRIVILEGED ACCOUNT MANAGEMENT

RESEARCH NOTE CYBER-ARK FOR PRIVILEGED ACCOUNT MANAGEMENT Document K23 RESEARCH NOTE CYBER-ARK FOR PRIVILEGED ACCOUNT MANAGEMENT THE BOTTOM LINE Managing privileged accounts requires balancing accessibility and control while ensuring audit capabilities. Cyber-Ark

More information

VoIP Security How to prevent eavesdropping on VoIP conversa8ons. Dmitry Dessiatnikov

VoIP Security How to prevent eavesdropping on VoIP conversa8ons. Dmitry Dessiatnikov VoIP Security How to prevent eavesdropping on VoIP conversa8ons Dmitry Dessiatnikov DISCLAIMER All informa8on in this presenta8on is provided for informa8on purposes only and in no event shall Security

More information

Identity and Access Management Integration with PowerBroker. Providing Complete Visibility and Auditing of Identities

Identity and Access Management Integration with PowerBroker. Providing Complete Visibility and Auditing of Identities Identity and Access Management Integration with PowerBroker Providing Complete Visibility and Auditing of Identities Table of Contents Executive Summary... 3 Identity and Access Management... 4 BeyondTrust

More information

2015 VORMETRIC INSIDER THREAT REPORT

2015 VORMETRIC INSIDER THREAT REPORT Research Conducted by 2015 VORMETRIC INSIDER THREAT REPORT Trends and Future Directions in Data Security HEALTHCARE EDITION #2015InsiderThreat RESEARCH BRIEF U.S. HEALTHCARE SPOTLIGHT ABOUT THIS RESEARCH

More information

PRIVILEGED IDENTITY MANAGEMENT CASE STUDY. Barak Feldman, Cyber-Ark Software Seth Fogie, Lancaster General Health

PRIVILEGED IDENTITY MANAGEMENT CASE STUDY. Barak Feldman, Cyber-Ark Software Seth Fogie, Lancaster General Health PRIVILEGED IDENTITY MANAGEMENT CASE STUDY Barak Feldman, Cyber-Ark Software Seth Fogie, Lancaster General Health November 10, 2011 Cyber-Ark Overview! Established in 1999, HQ Boston, MA Strategic Partnerships!

More information

ObserveIT User Activity Monitoring

ObserveIT User Activity Monitoring KuppingerCole Report EXECUTIVE VIEW by Martin Kuppinger April 2015 ObserveIT provides a comprehensive solution for monitoring user activity across the enterprise. The product operates primarily based on

More information

SC09 Tutorial M06 Cluster Construc5on Tutorial

SC09 Tutorial M06 Cluster Construc5on Tutorial SC09 Tutorial M06 Cluster Construc5on Tutorial Paul Marshall, Michael Oberg Theron Voran, Ma=hew Woitaszek University of Colorado, Boulder Na5onal Center for Atmospheric Research Advanced topics Parallel

More information

Seven Things To Consider When Evaluating Privileged Account Security Solutions

Seven Things To Consider When Evaluating Privileged Account Security Solutions Seven Things To Consider When Evaluating Privileged Account Security Solutions Contents Introduction 1 Seven questions to ask every privileged account security provider 4 1. Is the solution really secure?

More information

October 2014. Four Best Practices for Passing Privileged Account Audits

October 2014. Four Best Practices for Passing Privileged Account Audits Four Best Practices for Passing Privileged Account Audits October 2014 1 Table of Contents... 4 1. Discover All Privileged Accounts in Your Environment... 4 2. Remove Privileged Access / Implement Least

More information

2015-16 ITS Strategic Plan Enabling an Unbounded University

2015-16 ITS Strategic Plan Enabling an Unbounded University 2015-16 ITS Strategic Plan Enabling an Unbounded University Update: July 31, 2015 IniAaAve: Agility Through Technology Vision Mission Enable Unbounded Learning Support student success through the innovaave

More information

San Jacinto College Banner & Enterprise Applica5on Review Task Force Report. November 01, 2011 FINAL

San Jacinto College Banner & Enterprise Applica5on Review Task Force Report. November 01, 2011 FINAL San Jacinto College Banner & Enterprise Applica5on Review Task Force Report November 01, 2011 FINAL 1 Content Review goal and approach 3 Barriers to effec5ve use of Banner: Consultant observa5ons 10 Consultant

More information

White Paper. Protecting Databases from Unauthorized Activities Using Imperva SecureSphere

White Paper. Protecting Databases from Unauthorized Activities Using Imperva SecureSphere Protecting Databases from Unauthorized Activities Using Imperva SecureSphere White Paper As the primary repository for the enterprise s most valuable information, the database is perhaps the most sensitive

More information

Trust but Verify: Best Practices for Monitoring Privileged Users

Trust but Verify: Best Practices for Monitoring Privileged Users Trust but Verify: Best Practices for Monitoring Privileged Users Olaf Stullich, Product Manager (olaf.stullich@oracle.com) Arun Theebaprakasam, Development Manager Chirag Andani, Vice President, Identity

More information

Data Centric Security

Data Centric Security Data Centric Security What s wrong and what to do about it Mike Shanahan Regional Sales Manager Albert Dolan Senior Systems Engineer, EMEA IT s Dirty Little Secret 30+ Years super users have been managing

More information

Covered En**es Should Periodically Audit Third Party Vendors/Business Associates Why, What, & How?

Covered En**es Should Periodically Audit Third Party Vendors/Business Associates Why, What, & How? Covered En**es Should Periodically Audit Third Party Vendors/Business Associates Why, What, & How? March 27 th 12 pm EDT Moderator: Gerry Blass Panelists: Mac McMillan, Francois Bodhuin, Lou Dignam Webinar

More information

Building an Effec.ve Cloud Security Program

Building an Effec.ve Cloud Security Program Building an Effec.ve Cloud Security Program Laura Posey Senior Security Strategist, Microso3 Corpora6on Co- Chair, CSA CAIQ Programming Chair, NY Metro CSA Chapter Is Cloud worth it? Yes! Pla?orm for Innova.on

More information

Disaster Recovery Planning and Implementa6on. Chris Russel Director, IT Infrastructure and ISO Compu6ng and Network Services York University

Disaster Recovery Planning and Implementa6on. Chris Russel Director, IT Infrastructure and ISO Compu6ng and Network Services York University Disaster Recovery Planning and Implementa6on Chris Russel Director, IT Infrastructure and ISO Compu6ng and Network Services York University Agenda Background for York s I.T. Disaster Recovery Planning

More information

AIS TECHNOLOGY SOLUTIONS GUIDE

AIS TECHNOLOGY SOLUTIONS GUIDE AIS TECHNOLOGY SOLUTIONS GUIDE WHAT IS AIS AT TECH DATA? Advanced Infrastructure Solutions provide resellers with everything they need to keep their data centers up-to-date with the latest technology.

More information

IBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation

IBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing

More information

TRIPWIRE NERC SOLUTION SUITE

TRIPWIRE NERC SOLUTION SUITE CONFIDENCE: SECURED SOLUTION BRIEF TRIPWIRE NERC SOLUTION SUITE TAILORED SUITE OF PRODUCTS AND SERVICES TO AUTOMATE NERC CIP COMPLIANCE u u We ve been able to stay focused on our mission of delivering

More information

Phone Systems Buyer s Guide

Phone Systems Buyer s Guide Phone Systems Buyer s Guide Contents How Cri(cal is Communica(on to Your Business? 3 Fundamental Issues 4 Phone Systems Basic Features 6 Features for Users with Advanced Needs 10 Key Ques(ons for All Buyers

More information

Introduc)on of Pla/orm ISF. Weina Ma Weina.Ma@uoit.ca

Introduc)on of Pla/orm ISF. Weina Ma Weina.Ma@uoit.ca Introduc)on of Pla/orm ISF Weina Ma Weina.Ma@uoit.ca Agenda Pla/orm ISF Product Overview Pla/orm ISF Concepts & Terminologies Self- Service Applica)on Management Applica)on Example Deployment Examples

More information

Project Management Success on SharePoint

Project Management Success on SharePoint Project Management Success on SharePoint The Enterprise PMO Problem How to do the following: How to manage a large porolio of projects over a wide geographical region? How to manage project status repor9ng

More information

Oracle Solu?ons for Higher Educa?on

Oracle Solu?ons for Higher Educa?on Presented with Oracle Solu?ons for Higher Educa?on Cole Clark Global Vice President Oracle, Educa?on & Research June 12, 2014 Oracle Confiden?al Internal/Restricted/Highly Restricted Safe Harbor Statement

More information

Fixed Scope Offering (FSO) for Oracle SRM

Fixed Scope Offering (FSO) for Oracle SRM Fixed Scope Offering (FSO) for Oracle SRM Agenda iapps Introduc.on Execu.ve Summary Business Objec.ves Solu.on Proposal Scope - Business Process Scope Applica.on Implementa.on Methodology Time Frames Team,

More information

Cloud Compu?ng & Big Data in Higher Educa?on and Research: African Academic Experience

Cloud Compu?ng & Big Data in Higher Educa?on and Research: African Academic Experience 3 rd SG13 Regional Workshop for Africa on ITU- T Standardiza?on Challenges for Developing Countries Working for a Connected Africa (Livingstone, Zambia, 23-24 February 2015) Cloud Compu?ng & Big Data in

More information

Identity Access Management Challenges and Best Practices

Identity Access Management Challenges and Best Practices Identity Access Management Challenges and Best Practices Mr. Todd Rossin, Managing Director/Founder IDMWorks Special Thanks to JHU APL for providing the Parsons Auditorium for our use this evening 1 December

More information

What IT Auditors Need to Know About Secure Shell. SSH Communications Security

What IT Auditors Need to Know About Secure Shell. SSH Communications Security What IT Auditors Need to Know About Secure Shell SSH Communications Security Agenda Secure Shell Basics Security Risks Compliance Requirements Methods, Tools, Resources What is Secure Shell? A cryptographic

More information

1. Introduc+on and Background. 2. Service Overview. 3. Your Requirements. Cloud Services so far Feasibility Study Next Steps Procurement, POC

1. Introduc+on and Background. 2. Service Overview. 3. Your Requirements. Cloud Services so far Feasibility Study Next Steps Procurement, POC 1. Introduc+on and Background Cloud Services so far Feasibility Study Next Steps Procurement, POC 2. Service Overview Service Profile The Architecture & principles The Service Features/Characteris+cs 3.

More information

Paco Hope <paco@cigital.com> Florence Mo ay <fmo ay@cigital.com> 2012 Cigital. All Rights Reserved. SecAppDev. Define third party so ware

Paco Hope <paco@cigital.com> Florence Mo ay <fmo ay@cigital.com> 2012 Cigital. All Rights Reserved. SecAppDev. Define third party so ware Paco Hope Florence Moay 2012 Cigital. All Rights Reserved. SecAppDev 1 Objectives Define third party soware What it is, why we use it Define the risks from third

More information

AVOIDING SILOED DATA AND SILOED DATA MANAGEMENT

AVOIDING SILOED DATA AND SILOED DATA MANAGEMENT AVOIDING SILOED DATA AND SILOED DATA MANAGEMENT Dalton Cervo Author, Consultant, Management Expert September 2015 This presenta?on contains extracts from books that are: Copyright 2011 John Wiley & Sons,

More information