PRIVILEGED IDENTITY MANAGEMENT CASE STUDY. Barak Feldman, Cyber-Ark Software Seth Fogie, Lancaster General Health




PRIVILEGED IDENTITY MANAGEMENT CASE STUDY Barak Feldman, Cyber-Ark Software Seth Fogie, Lancaster General Health November 10, 2011

Cyber-Ark Overview

- Established in 1999, HQ Boston, MA
- Offices Worldwide
- Award-winning patented Vaulting Technology
- 50% CAGR in the last 5 years
- 900 Global Enterprise customers
- 96% renewal rate

Strategic Partnerships

Recognized Market Leadership

Enterprise Security Solution of the Year Winner

"The company has gradually expanded from its initial start as an enterprise vault for file and sensitive content sharing to assume a commanding position in privileged identity management (PIM)" - Steve Copland, April 2010

"Cyber-Ark has one of the largest customer bases of the vendors included in this Market Scope and, because of its focus on enterprise customers, the largest market share by revenue by a wide margin." - Ant Allan/Perry Carpenter, June 2009

"Cyber-Ark is perceived as a leader in the rapidly expanding market for Privileged Access Management solutions." - Martin Kuppinger, 2010

"Cyber-Ark is at the top of the PIM market, based on product maturity & the number of customer deployments" - Mark Diodati, 2009

Privileged Identity Management 101

Elevated Personal
- Scope: Personal accounts w/ elevated permissions (jsmith_admin)
- Used by: IT staff
- Used for: Privileged operations; Access to sensitive information

Shared Privileged Accounts
- Scope: Administrator; UNIX root; Cisco Enable; Oracle SYS; Local Administrators; ERP admin
- Used by: IT staff; System admins; Network admins; DBAs; Help desk, etc; Developers; Legacy application
- Used for: Emergency; Fire-call; Disaster recovery; Privileged operations; Access to sensitive information

Application Accounts (App2App)
- Scope: Hard coded/embedded App IDs; Service Accounts
- Used by: Applications; Scripts; Windows Services; Scheduled Tasks; Batch jobs, etc; Developers
- Used for: Online database access; Batch processing; App-2-App communication

Callouts on the slide:
- Highly Powerful
- Difficult to Control, Manage & Monitor
- Hard-Coded, Unchanged
- Pose Devastating Risk if Misused

Privileged Accounts Give PHI System-Wide Access

48% of data breaches were caused by privileged misuse*

Proactively manage privileged access to prevent such attacks

Who has access to PHI systems?
- Administrators, support
- Contractors; Cloud Service Providers
- DBAs
- Terminated Employees
- Applications
- Application specific vendors

Why are these breaches happening?
- Shared account usage
- Excessive privilege
- Hidden/Sleeping accounts
- No revocation of access
- Non-existent/unenforced access controls
- Infrequent replacement of credentials

* Verizon, 2010 Data Breach Investigations Report

Unified Workflows for Accessing Privileged Accounts

[Diagram: Privileged Identity Management Suite]
- Users: Unix Admins; Windows Admins; DBAs; VM Admins; External Vendors; Business Applications; Auditor/Security & Risk
- Workflows: OPM Workflow (SSH / X / Telnet); EPV Workflow; AIM Workflow; Monitoring & Reporting Workflow
- Target systems: Virtual Servers; Unix/Linux Servers; Windows Servers; iSeries Mainframes (AS400); zSeries Mainframes (OS390); Databases; Applications; Network Devices; Security Appliances

Challenges: Privileged Identity & Session Management

- Discover all privileged accounts across datacenter
- Manage and secure every credential
- Enforce policies for usage (breakglass, approvals, ticketing, one time password)
- Record and monitor privileged activities
- React and comply

Productivity

Embedded Passwords
- Config files
- Application servers
- Scripts
- Service accounts

PRIVILEGED IDENTITY MANAGEMENT

Cyber-Ark Solution Suite Privileged Identities

Enterprise Password Vault In Action

1. Central and Integrated Policy Definition
2. Initial load & Reset: Automatic Detection, Bulk upload, Manual
3. Request Workflow: Dual control, Integration with Ticketing Systems, One-time Passwords, exclusivity, groups
4. Direct Connection to Device
5. Auditor Access

[Diagram]
- Actors: Security/Risk Management; IT; Auditors
- Components: Policy; Vault; Password Vault Web Access; Central Policy Manager; Enterprise IT Environment
- Sample request: "Request access to Windows Administrator On prod.dom.us"
- System / User pairs: Unix / root; Oracle / SYS; Windows / Administrator; z/os / DB2ADMIN; Cisco / enable
- Pass column (sample values shown on the slide): Oiue^$fgW, y7qef$1, Tojsd$5fh, X5$aq+p, lm7yt5w, gvina9%, tops3cr3t

About Lancaster General Health

- Founded in 1893, Lancaster General Hospital is a 629 bed not-for-profit community hospital in Lancaster, PA.
- The hospital is a Type II trauma facility that admits more than 35,000 patients annually and sees 110,000 patients in the ER.
- Magnet hospital accredited by the Joint Commission.
- Lancaster General Health
  - Lancaster General Hospital
  - Women's and Babies Hospital
  - Lancaster General College of Nursing and Health Science
  - Cleft Palate Clinic
  - ~ 25 physician practices

Main Business Drivers

- Why privileged access management?
- Auditing of Privileged Accounts
  - What are people doing with privileged access?
  - Why so many domain admin accounts?
  - How are we controlling vendor access?
- Security Management of Privileged Accounts
  - Who knows shared passwords/service accounts?
  - What if a privileged account is compromised?
  - How can we securely manage all the server admin accounts?
- Security Controls for Privileged Accounts
  - How can we prevent access to the PIM?
  - How can we control access to the objects?

Solution Scope/Use Case

- Implemented Cyber-Ark Enterprise Password Vault
- Main use cases:
  - Privileged user controls and auditing
  - One-time (time limited) password
  - Change management reason capture
  - Client drop box for sensitive files
- Scope - 400+ servers. 1200+ accounts. 200+ users
- Special Integration
  - Firewall/IDS/Appliances
  - Vendor access control
  - Customization
- Possible Future Scopes
  - Radius integration for two factor support
  - Dual access for change management and PCI compliance
  - Customized interface

Main Challenges during Implementation & Solution

- Challenges
  - The new hire
  - IT Culture
  - Cost per user per year
  - Hidden accounts
  - Negative impact to existing workflow
- Resolutions
  - Management buy in
  - Marketing and sales
  - Total solution approach
  - Appreciate the business vs. risk balance

Privileged Session Management for Servers

1. Logon through PVWA
2. Connect
3. Fetch credential from Vault
4. Connect using native protocols
5. Store session recording
6. View session recording

[Diagram]
- IT personnel reach the PVWA over HTTPS and connect to the PSM using RDP over HTTPS
- The PSM connects to targets using native protocols: RDP to Windows Servers, SSH to Unix/Linux Servers
- Other components shown: Vault; Routers & Switches

Summary: Privileged Identity & Session Management

A comprehensive platform for isolating and preemptively protecting your datacenter, whether on premise or in the cloud

- Discover all privileged accounts across datacenter
- Manage and secure every credential
- Enforce policies for usage
- Record and monitor privileged activities
- React and comply