Leveraging Privileged Identity Governance to Improve Security Posture




Understanding the Privileged Insider Threat

It's no secret that attacks on IT systems and information breaches have increased in both frequency and impact in recent years. However, it may come as a surprise to some that a majority of these attacks are generated by insiders. Privileged users with access to sensitive data and IP can create significant risk for the business.

There are three types of insider threats for which organizations must account:

- Malicious insiders who deliberately steal information or cause damage
- Exploited insiders who are unwittingly targeted by external attackers
- Careless insiders who make unintended mistakes

Special attention should be paid to the exploited insider type, as perpetrators of advanced persistent threats (APTs) often infiltrate a target network, then take control of privileged identities in order to gain access to critical systems and data.

Industry statistics show that IT saboteurs with administrator or privileged access within their organizations have been responsible for a majority of breaches. But what are the potential motives of these attackers?

- IP theft involves a privileged user leveraging IT systems to steal IP from the company.
- Espionage encompasses a privileged user seeking classified information, trade secrets and IP in order to gain national, strategic or competitive advantage.
- Fraud occurs when a privileged user leverages IT systems to modify, add or delete the organization's data for personal gain.
- IT sabotage takes place when a privileged user misuses networks, systems or data to harm a specific individual or the organization.

In reviewing this list, it's not difficult to see what's at stake. When it comes to loss of company IP, compromised systems and data, or even just word of a breach hitting the wire, organizations are looking at significant revenue losses, penalties and a damaged reputation in the marketplace. The cost of security breaches averages $5.4 million per year for U.S. businesses. [1]

[1] Ponemon Institute. 2013 Cost of Data Breach Study: Global Analysis. May, 2013.

Assessing the Challenges and Risks of Privileged Identities

As a result of these ever-increasing threats, many organizations are re-examining their security practices, looking for gaps that could be exploited internally or externally, whether by accident or with malicious intent. As part of this re-examination, companies must take a fresh look at privileged identities, which can pose a significant threat to network and data security when not properly managed. These risks manifest themselves when privileged users are given all-powerful access and are subject to limited accountability.

All-powerful access:

- Unrestricted root or Administrator access
- No segregation of duties

Lack of accountability:

- Use of shared accounts
- Poor log integrity and quality

Virtualization magnifies these challenges by adding administrators who can make significant changes to entire virtual environments while having little accountability for their actions.

How to Recognize Susceptibility to Privilege Exploitation

While it's important for organizations to understand the risks associated with insider and external threats, they often do not have a simple way to evaluate how vulnerable they are to such attacks. Below are four common symptoms of an IT environment that is susceptible to privilege exploitation:

- Orphaned accounts are created when users leave a company, but their credentials remain active. They are common weaknesses that are often exploited by disgruntled administrators.
- Privilege creep happens when users' job functions evolve, and they are given additional access rights. This often leads to users having more privileges than they actually need.
- Audit burdens multiply when access privileges are not closely monitored, because the processes involved with verifying user access require time-consuming, manual effort.
- Lack of visibility means not only struggling to identify what kind of access users have, but also failing to know if, when, where and how that access was used.

Organizations that experience one or more of these symptoms are significantly more likely to experience insider or external attacks and suffer from the revenue loss, penalties and brand damage that often accompany them. How do they avoid this? By leveraging a Privileged Identity Governance solution that can help close their vulnerability gaps.

The Need for Privileged Identity Governance

While most organizations have already implemented some form of privileged identity management to better protect and control sensitive servers, many of these deployments lack the holistic visibility and automated processes that are necessary for verifying administrator access rights on an ongoing basis.

Privileged Identity Governance brings together three critical capability areas, so organizations can remove common exploitation points within their IT environments and prevent insider and external attacks:

- Identity and access governance
- Privileged identity management
- User activity reporting

As the first component of a Privileged Identity Governance solution, identity and access governance includes powerful identity analytics and flexible workflows that organizations can leverage to develop and apply identity policies across the entire enterprise. With identity and access governance, companies can:

- Leverage analytics to assess, audit and clean up excessive access rights
- Automate entitlement certification for users, roles and resources, and remediate entitlements
- Establish centralized segregation of duties (SoD) policies
- Monitor access rights via comprehensive dashboards and reports

As the second component of a Privileged Identity Governance solution, privileged identity management utilizes automated privilege control capabilities to help an organization put the policies developed via the governance phase into action. With privileged identity management, companies can:

- Leverage fine-grained access controls to secure passwords for shared accounts and implement least privilege access
- Discover and propose potential roles based on access patterns and organizational characteristics
- Discover the underlying business structure, and turn millions of access rights into hundreds of roles
- Adapt models as the business evolves over time

Finally, there is the user activity reporting component of a Privileged Identity Governance solution, which helps organizations increase their visibility into user activity (i.e., what resources are being used by whom, when, where and how). Example reports typically include:

- Policy management: View the status of policy deployment and deviations from standard policies.
- Entitlements: View the entitlement users and groups have over system resources (for example, to see who has root access to the systems).
- User management: View inactive accounts, users, group memberships and administrative accounts, and manage SoD.
- Password management: View information on password aging, password policy compliance, etc.
- Privileged user access: View all privileged user activity, including check-in, check-out, workflow approvals and other actions.

Best Practices for Implementing a Privileged Identity Governance Solution

To help ensure success, an implementation of a Privileged Identity Governance solution should be viewed as a continuous process spanning four key phases:

1. Planning
2. Foundation
3. Automation
4. Optimization

During phase one, an organization must conduct a risk assessment of its overall environment, beginning with the systems and users that represent the highest risk profile to the business.

After systems have been identified, phase two involves cleaning up privileged users' entitlements, removing orphan accounts and users with excessive privileges and beginning to develop a consistent role model that can be applied across all privileged users within the organization.

With a solid foundation in place, the organization moves on to phase three, which consists of automating specific identity processes, such as user provisioning, role management and entitlement certification.

Phase four represents the ongoing refinement of the solution through active monitoring and adjustments as the business evolves and changes over time.

The Business Value of Privileged Identity Governance

At its core, Privileged Identity Governance is all about addressing the two previously discussed challenges of all-powerful access and lack of accountability. It does this by automating the management of relationships between people, their credentials and their access rights on each system. After successfully implementing a Privileged Identity Governance solution, organizations can look forward to the following business benefits:

- Reduced administrative costs via automation of routine tasks, such as verifying users' access rights, which offloads that burden from IT.
- Enhanced compliance support via automatic enforcement of security controls that have been mandated by regulations, compliance frameworks and internal/external auditors.
- Increased accountability through centralized identity administration processes that follow consistent approval workflows and create detailed audit trails.
- Improved visibility into administrator access and actual usage via user activity reporting to examine privileged user activity and actions.

About the Solution from CA Technologies

The Privileged Identity Governance solution from CA Technologies results from the fusion of two leading identity management products: CA ControlMinder and CA GovernanceMinder.

CA GovernanceMinder is designed to automate identity and access governance processes and provides continuous identity controls. This starts with leveraging a business-friendly role foundation to present information to users in the context that makes sense to them. It also checks security policies and highlights potential access or entitlements violations to business managers during such processes as entitlements certification.

CA ControlMinder is a scalable solution that provides privileged user password management, fine-grained access controls, user activity reporting and UNIX authentication bridging across servers, applications and devices from a central management console.

For more information about Privileged Identity Governance from CA Technologies, visit ca.com/identity-management.

CA Technologies (NASDAQ: CA) is an IT management software and solutions company with expertise across all IT environments, from mainframe and distributed, to virtual and cloud. CA Technologies manages and secures IT environments and enables customers to deliver more flexible IT services. CA Technologies' innovative products and services provide the insight and control essential for IT organizations to power business agility. The majority of the Global Fortune 500 relies on CA Technologies to manage evolving IT ecosystems.

Copyright 2014 CA. All rights reserved. UNIX is a registered trademark of The Open Group. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies.