SECURE, MANAGE & CONTROL PRIVILEGED ACCOUNTS & SESSIONS. Presenter: Terence Siau



Similar documents
Privileged - Super Users out of Control

PRIVILEGED IDENTITY MANAGEMENT CASE STUDY. Barak Feldman, Cyber-Ark Software Seth Fogie, Lancaster General Health

SECURE, MANAGE & CONTROL PRIVILEGED ACCOUNTS & SESSIONS

Valery Milman CYBERARK PRIVILEGED ACCOUNT SECURITY

List of Supported Systems & Devices

Privileged Session Management Suite: Solution Overview

GOT PRIVILEGE? - THE PRIVILEGED CHALLENGE Adam Bosnian EVP America s and Corporate Development

The 10 Pains of UNIX Security. Learn How Privileged Account Security Solutions are the Right Painkiller

Learn From the Experts: CyberArk Privileged Account Security. Łukasz Kajdan, Sales Manager Baltic Region Veracomp SA

Securing Privileges in the Cloud. A Clear View of Challenges, Solutions and Business Benefits

RESEARCH NOTE CYBER-ARK FOR PRIVILEGED ACCOUNT MANAGEMENT

Secret Server Qualys Integration Guide

VULNERABILITY & COMPLIANCE MANAGEMENT SYSTEM

FREQUENTLY ASKED QUESTIONS

Real-Time Database Protection and. Overview IBM Corporation

Trust but Verify: Best Practices for Monitoring Privileged Users

Oracle Privileged Account Manager 11gR2. Karsten Müller-Corbach

Privileged Identity Management

CimTrak Technical Summary. DETECT All changes across your IT environment. NOTIFY Receive instant notification that a change has occurred

Windows Least Privilege Management and Beyond

Guardium Change Auditing System (CAS)

Service & Process Account Management

MANAGEMENT IN THE CLOUD ADAM BOSNIAN

Identity and Access Management Integration with PowerBroker. Providing Complete Visibility and Auditing of Identities

CSN38:Tracking Privileged User Access within an ArcSight Logger and SIEM Environment Philip Lieberman, President and CEO

HOW OBSERVEIT ADDRESSES KEY HONG KONG IT SECURITY GUIDELINES

ManageEngine (division of ZOHO Corporation) Infrastructure Management Solution (IMS)

Next Generation Jump Servers for Industrial Control Systems

Achieving PCI Compliance for: Privileged Password Management & Remote Vendor Access

The CyberArk Privileged Account Security Solution. A complete solution to protect, monitor, detect and respond to privileged accounts

MANAGED SERVICES. Remote Monitoring. Contact US: millenniuminc.com

Complying with National Institute of Standards and Technology (NIST) Special Publication (SP) An Assessment of Cyber-Ark's Solutions

PowerBroker for Windows

Copyright 2013, Oracle and/or its affiliates. All rights reserved.

How To Secure A Database From A Leaky, Unsecured, And Unpatched Server

EXECUTIVE VIEW. CA Privileged Identity Manager. KuppingerCole Report

Comprehensive security platform for physical, virtual, and cloud servers

PowerBroker for Windows Desktop and Server Use Cases February 2014

Seven Things To Consider When Evaluating Privileged Account Security Solutions

The CyberArk Privileged Account Security Solution. A complete solution to protect, monitor, detect, alert and respond to privileged accounts

Configuration Audit & Control

Enterprise Database Security & Monitoring: Guardium Overview

How To Manage A Privileged Account Management

Oracle E-Business Suite APPS, SYSADMIN, and oracle Securing Generic Privileged Accounts. Stephen Kost Chief Technology Officer Integrigy Corporation

Privileged. Account Management. Accounts Discovery, Password Protection & Management. Overview. Privileged. Accounts Discovery

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

Securing Remote Vendor Access with Privileged Account Security

Managing Privileged Identities in the Cloud. How Privileged Identity Management Evolved to a Service Platform

ObserveIT User Activity Monitoring software meets the complex compliance and security challenges related to user activity auditing.

SECURE ACCESS TO THE VIRTUAL DATA CENTER

MySQL Security: Best Practices

Enterprise Random Password Manager Training Guide

Virtualization System Security

CyberArk Privileged Threat Analytics. Solution Brief

Securing Data in Oracle Database 12c

IDENTITY & ACCESS. Privileged Identity Management. controlling access without compromising convenience

Take Control of Identities & Data Loss. Vipul Kumra

Privilege Gone Wild: The State of Privileged Account Management in 2015

Obtaining Value from Your Database Activity Monitoring (DAM) Solution

Application Discovery Manager User s Guide vcenter Application Discovery Manager 6.2.1

Measurably reducing risk through collaboration, consensus & practical security management CIS Security Benchmarks 1

IBM Security Privileged Identity Manager helps prevent insider threats

Measurably reducing risk through collaboration, consensus & practical security management CIS Security Benchmarks 1

CA Virtual Assurance for Infrastructure Managers

SWOT Assessment: BeyondTrust Privileged Identity Management Portfolio

Securing the Service Desk in the Cloud

Security and Control Issues within Relational Databases

PCI DSS Compliance: The Importance of Privileged Management. Marco Zhang

Virtualization Case Study

Alert Logic Log Manager

QRadar SIEM 6.3 Datasheet

Privilege Gone Wild: The State of Privileged Account Management in 2015

Oracle Audit Vault and Database Firewall

HP Security Assessment Services

Protecting Sensitive Data Reducing Risk with Oracle Database Security

Shipping Products Chart. Contents

<Insert Picture Here> Oracle Identity And Access Management

Administration Guide NetIQ Privileged Account Manager 3.0.1

Privileged Identity Management. An Executive Overview

Edit system files. Delete file. ObserveIT Highlights. Change OS settings. Change password. See exactly what users are doing!

RSA Security Solutions for Virtualization

Internal Penetration Test

Mobile Admin Architecture

Security Correlation Server Quick Installation Guide

Hayri Tarhan, Sr. Manager, Public Sector Security, Oracle Ron Carovano, Manager, Business Development, F5 Networks

CimTrak Technical Summary. DETECT All changes across your IT environment. NOTIFY Receive instant notification that a change has occurred

Intro to QualysGuard IT Compliance SaaS Services. Marek Skalicky, CISM, CRISC Regional Account Manager for Central & Adriatic Eastern Europe

Virtualization Journey Stages

USER ACTIVITY MONITORING FOR IBM SECURITY PRIVILEGED IDENTITY MANAGER

Tech Titans: Lock it down, securing your Costpoint 7 deployments. Drew Roman, IT Solutions Director WJ Technologies L.L.C. GC-518

P13 -Leveraging Active Directory to Secure and Audit Access to Non-

CIP- 005 R2: Understanding the Security Requirements for Secure Remote Access to the Bulk Energy System

GMI CLOUD SERVICES. GMI Business Services To Be Migrated: Deployment, Migration, Security, Management

System Management Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice

Securing the Cloud with IBM Security Systems. IBM Security Systems IBM Corporation IBM IBM Corporation Corporation

IBM Tivoli Remote Control

Transcription:

SECURE, MANAGE & CONTROL RIVILEGED ACCOUNTS & SESSIONS resenter: Terence Siau

Agenda Company Introduction Today s Security Challenges rivileged Identity Management Suite Overview rivileged Session Management Suite Overview Sensitive Information Management Suite Overview 2

COMANY INTRODUCTION 3

Cyber-Ark Overview Strategic artnerships Established in 1999, HQ Boston, US Offices Worldwide (including Singapore and Malaysia) 1200+ customers globally Customers in Vietnam: Banks, Oil & Gas, Government Recognized Market Leadership The company has gradually expanded from its initial start as an enterprise vault for file and sensitive content sharing to assume a commanding position in privileged identity management (IM) - Steve Copland, April 2010 Best Identity Management Solution Highly Commended: Information Security roduct of the Year Cyber-Ark is perceived as a leader in the rapidly expanding market for rivileged Access Management solutions. Cyber-Ark has one of the largest customer bases of the vendors included in this Market Scope and, because of its focus on enterprise customers the largest market share by revenue by a wide margin. - Ant Allan/erry Carpenter, June 2009 Cyber-ark is at the top of the IM market, based on product maturity & the number of customer deployments -Mark Diodati, 2009 - Martin Kuppinger, 2010 4

What it takes to be Market Leader? Recognition from Authoritative Bodies A Strong History of Acknowledged Excellence

Cyber-Ark s Solution Suites Sensitive Information Management Suite rivileged Identity Management Suite rivileged Session Management Suite Inter-Business Vault Enterprise assword Vault SM for Servers Sensitive Document Vault Application Identity Manager SM for Databases On-Demand rivileges Manager SM for Virtualization DIGITAL VAULT 6

TODAY S SECURITY CHALLENGES 7

rivileged Account Types Shared redefined: UNIX root Administrative Accounts Cisco enable DBA accounts Windows domain Etc. Help Desk Operations Emergency Legacy applications Developer accounts Hard-coded, embedded: Application Accounts Not owned by any person or identity Service Accounts: Resource (DB) IDs Windows Service Accounts Application / Generic IDs Scheduled Tasks Batch jobs Testing Scripts Windows Local administrator: ersonal Computer Accounts Owned by the system: Shared: Desktops Laptops

rivileged Accounts Give System-Wide Access 48% of data breaches were caused by privileged misuse roactively manage privileged access to prevent such attacks Who has access to privileged accounts? Administrators Contractors; Cloud Service roviders DBAs Terminated Employees Applications Why are these breaches happening? Shared account usage Excessive privilege Hidden/Sleeping accounts Non-existent/unenforced access controls Infrequent replacement of credentials * Verizon, 2010 Data Breach Investigations Report 9

RIVILEGED IDENTITY MANAGEMENT 10

rivileged Identity Management Suite v.7.1 IM ortal/web Access External Vendors Identity Management Ticketing Systems IT ersonnel Monitoring & SIEM Applications Central olicy Manager Auditors Secure Digital Vault Enterprise Directory and more Developers & DBAs 11

Enterprise assword Vault: reventing Threats, Improving roductivity Who is accessing critical information assets? Ticketing Application The result? A preventative approach that: Secures privileged credentials Gives you full control over access John s access is logged, personalized and reason is entered Ticketing integration; approval workflow John requests managerial approval to ersonalizes usage retrieve password Automatically replaces credentials on a periodic basis (policy driven) rotection from terminated employees & 3rd parties and & shorter time to resolution Generates John, the ITbetter admin,productivity receives a ticket he transparently connects without seeing needs to handle. There s a problem on the Windows the password machines and he needs to install a patch to fix Windows Server it which requires administrator access 12

Full Datacenter Coverage Enterprise IT Environment Applications Operating Systems Databases Oracle MSSQL DB2 Informix Sybase MySQL Any ODBC Web Applications Central olicy Manager Windows Unix/Linux IBM iseries Z/OS HUX Tru64 NonStop ESX/i OVMS OS X XenServers Security Appliances FW1, SLAT ISO IX Ironort Netscreen FortiGate roxysg anorama SA WebSphere WebLogic Windows: Services Scheduled Tasks IIS App ools IIS Anonymous COM+ Cluster Service Oracle Application ER System Center Configuration Manager Generic Interface SSH/Telnet ODBC Windows Registry Network Devices Cisco Juniper Nortel Alcatel Quntum F5 H 3Com RuggedCom Avaya BlueCoat Yamaha Remote Control and Monitoring Directories and Credential Storage AD SunOne Novel UNIX Kerberos UNIX NIS HMC HiLO ALOM Digi CM DRAC irmc Alterath

EV: Better Visibility & Control for Managers When was themy account accessed and why? Where do all privileged accounts exist? Auto-discovery automatically detects unmanaged devices and service accounts for operational efficiency and full compliancy Automatically manage hundreds of thousands of local admin accounts 14

Application Identity Management: Tighter Security; Better Compliance Secure, manage and eliminate hard-coded privileged accounts from applications Billing App Websphere CRM App Weblogic UserName = GetUserName() assword = Getassword() Host = GetHost() ConnectDatabase(Host, UserName = app UserName, assword) assword = y7qef$1 Host = 10.10.3.56 ConnectDatabase(Host, UserName, assword) Secure & reset application credentials with no downtime or restart Ensure business continuity & high performance with a secure local cache Strong application authentication Unique solution for Java Application Servers with no code changes HR App Legacy Online Booking System Avoid hard coding connection strings no code changes & overhead IIS /.NET 15

On-Demand rivileges Manager: Tightening Unix Security When Who What Where What Monitor & audit with reports and text recording Control superuser access (root, oracle, app1 ) Unix /Linux Servers Granular Access Control and Hardening

OM for Windows Reduce TCO of desktop management & IT overhead Least privilege leads to less tickets/calls to IT, less unintentional damage Gartner: 20% lower TCO with full least-privileged implementation Reduce the risk of infecting desktops with malware 90% of Windows vulnerabilities are mitigated when running without admin rights. Eliminating admin rights reduces the attack surface of malwares.

BUT IS ACCESS CONTROL ENOUGH? RIVILEGED SESSION MANAGEMENT SUITE

Expanding from Managing Accounts to Managing Sessions ortal/web Access External Vendors IT ersonnel Secure, manage rivileged and track Identity privileged Management accounts Isolate, control, rivileged and monitor Session privileged Management sessions Identity Management Ticketing Systems Monitoring & SIEM Applications Central olicy Manager Auditors Secure Digital Vault Enterprise Directory and more Developers & DBAs 19

Continuous Monitoring & rotection Across the Datacenter Control rivileged Session Management Suite SM for Servers Monitor SM for Databases SM for Virtualization Isolate 20

Cyber-Ark SM latform Support latform Microsoft: Windows X Windows Vista Windows 7 Windows 2003 Server Windows 2008 Server IBM: AS400 IBM: AIX Sun Solaris H: HUX Tru64 Open VMS SSH-compatible sessions SQL lus / LSQL Developer SQL Server Management Studio SybaseASE Sybase Interactive SQL Client SecureCRT Virtualization: Hypervisors inc ESX, ESXi vsphere Video Mode Text Command

Remote Vendor Access with SM Internet Corporate Network DMZ Auditors, IM Admins Windows Servers HTTS 3rd party vendor VWA SM Firewall UNIX Servers Firewall Routers and Switches IM Vault

Real-Time Monitoring with Session Interaction 23

Easily Search rivileged Sessions for Forensic Analysis Search for SQL commands that include the word 'Salary' Click to lay oint in Time * Supports SSH and SQL commands 24

Accessing & Monitoring Websites & Cloud Applications Manage sensitive credentials to websites and web-based/saas applications using IM Connect transparently to the web-based application without needing to know the password Monitor and record privileged sessions in web applications in real-time or for forensic analysis 25

Value of rivileged Session Management Isolate revent cyber attacks by isolating desktops from sensitive target machines Control Create accountability and control over privileged session access with policies, workflows and privileged single sign on Monitor Deliver continuous monitoring and compliance with session recording with zero footprint on target machines 26

Sensitive Information Management Suite Sample use cases

Accelerate Business, Securely Variety of Interfaces Enterprise Ready Business Autonomy

THANK YOU! 29