What should you expect a privileged access management solution to do?

Transcription

1 What should you expect a privileged access management solution to do? BY CHRIS PACE Head of Product Marketing WALLIX I 2016

2 What should you expect a privileged access management solution to do? Traditionally privileged access to systems has been a right of those who need to maintain or support IT infrastructure. In some companies, the principle I trust my admins remains. But today privileged accounts remain a weakness from both insider threats (errors, malicious employees, third party or contractors etc) as well as a target for external attackers with increasing frequency and complexity. With more systems and data in businesses there are more privileged users than ever. As these systems may contain sensitive or personal information, better security and auditing of this kind of activity is absolutely essential. There are two significant challenges you most likely have in addressing how you work with privileged users accessing the resources on your network: CONTROL & VISIBILITY Control Being able to successfully manage users accessing the right resources at the right time will dramatically reduce the risk of a breach. Visibility You may know that you have a set of privileged users who log in to critical infrastructure or systems with sensitive data but how can you know when, for how long or what they re doing during those sessions? 2

3 What should you expect a privileged access management solution to do? WALLIX 2016 In meeting these two challenges head on, an efficient privileged access management (PAM) strategy is built on four pillars: Authentication Monitoring Recording Auditing THE FOUR PILLARS OF PAM : Authentication, Monitoring, Recording, Auditing These capabilities are crucial to begin to effectively secure how privileged users work in your infrastructure whether your own internal teams or third parties. Covering these bases will also meet some significant compliance and regulatory requirements. Let s explore in some more detail how each of these pillars can help you address the challenges that your own business may face. Authentication You ll be able to define access for privileged users, including which systems and protocols are available to them. Adding this kind of control to a single console centralises management for security, but also makes it easier for users who can create a session with a single click. The PAM solution will also integrate with your existing directory services for individual users. The advantages for security here are clear, you can remove the need for shared passwords to be visible to end users by storing them in a secured vault. A PAM solution should also create simple workflows for users to request and be granted access to systems on a one-off, time-limited or permanent basis and give the ability define password policies. Monitoring You need effective monitoring of privileged user activity. With a PAM solution you ll be able to view this activity in real-time, quickly identifying who is connected to which resources and monitoring their actions during that session. And because you re able to assign access to an actual identity you can ensure that users are accountable for their behaviour. The advantages of a system that works in real-time is that alerts are also in real-time and can be quickly responded to. 3

4 What should you expect a privileged access management solution to do? WALLIX 2016 Recording An important aspect of tracing activity is the ability to record user sessions. This helps to analyse and understand a possible incident or breach. This is also useful for forensic analysis or the training of new users. These captured sessions also add power to your existing logging capabilities. These recordings move you beyond event logging to recreate a complete picture of user session activity on any network resource. Auditing Finally the ability to audit privileged session activity. This audit trail will help you towards regulatory compliance. These reports can also be outputted to SIEM or other log analysis tools in your business. This improvement in auditing and internal control will contribute to better control of IT operations and management of risk. PRIVILEGED ACCESS MANAGEMENT IN THE REAL WORLD Deployment It s likely that you ll have concerns about implementing software that will work at the very heart of your enterprise. This apprehension is completely valid. When identifying a PAM product look for the maximum security capabilities balanced with an unobtrusive and straightforward method for deployment. It should fit in with all your existing infrastructure and support as wide a range of operating systems, applications and network devices as possible. The ability to meet all the requirements we ve already outlined from a single console delivered from a single platform will enable you to deploy your PAM solution in the fastest possible time. Usability Whilst your clear focus will be securing and managing privileged user access, you need to ensure that these users will still be able to be effective and productive in their roles. The PAM solution needs to be usable and change as little as possible about how these admins or third parties access the systems they need. 4

5 What should you expect a privileged access management solution to do? WALLIX 2016 Conclusion An effective privileged access management solution will ultimately result in significantly increased security for privileged accounts which will undoubtedly help in reducing your attack surface. Where regulatory compliance must be met successful control and auditing of privileged users forms a significant part of that effort. About the Author Chris Pace is Head of Product Marketing at Wallix UK. Based at the company s City of London office (in Fetter Lane), he works to engage and educate audiences on privileged user management, using his extensive experience delivering security solutions to all kinds of organizations. Before beginning a career in information security Chris trained as a Broadcast Journalist and also has worked in IT departments in the public and private sectors. [email protected] 5

6 WALLIX is a software company offering privileged access management solutions for large and medium sized enterprises, public organizations and cloud service providers, helping their many customers to protect their critical IT assets including data, servers, terminals and connected devices. Wallix AdminBastion Suite (or WAB Suite) gives the most effective route to security and compliance by reducing its users biggest security risk privileged access to IT in the shortest possible time. Customers report that deploying WAB Suite requires only 40% of the time needed for a similar deployment of a leading competitor. This led a leading analyst to conclude WALLIX offers the fastest route to compliance". With an unobtrusive architecture, full multi-tenancy, and virtual appliance packaging, WAB Suite is the easiest solution in its category to implement, use and manage. Its best of breed features which include password management, web access portal, access control and comprehensive session monitoring and recording can be deployed easily and securely on premise or in a hybrid cloud environment. WALLIX is a public company listed on Alternext, with a strong customer presence in EMEA. WALLIX has offices in Paris, London and Munich. Over 300 companies trust WALLIX to secure their IT systems, including Alain Afflelou, Danagas, Dassault Aviation, Gulf Air, Maroc Telecom, McDonald s, Michelin, PSA Peugeot-Citroën and Quick. More information on: WALLIX FRANCE (HQ) [email protected] 118, rue de Tocqueville Paris Tél. : +33 (0) Fax : +33 (0) WALLIX UK [email protected] 1 Fetter Lane, London, EC4A 1BR - UK Office: +44 (0) Fax: +44 (0) WALLIX DEUTSCHLAND [email protected] Landsberger Str München Phone: WALLIX RUSSIA & CIS [email protected] ООО «ИТ БАСТИОН» , Россия, Москва, ул. Большая Семеновская, 45 Тел.: +7 (495) WALLIX ASIA PACIFIC (Bizsecure Asia Pacific Pte Ltd) [email protected] 8 Ubi Road 2, Zervex Singapore Tel: Fax: CSPN Certified