The secured privileged user Priviliged access users in the enterprise

1. The secured
privileged user
Priviliged access users in the enterprise The privileged
smart card user
Can’t share
passwords
with other
admins
Doesn’t need
to remember
multiple,complex
passwords
Only has to
carry one smart
card for all access
Smart card
equipped
with multiple
identities
More secure
SSH &
RDP access
Smart card
equipped
for physical
access to
secure server room
Smart card
provides
visual ID
5 Tips
for managing
privileged access
Before implementing any privileged
access controls, first take a look at
your current situation—potential
risk to the organization and possible
roadblocks to effective management
of privileged access.
1.
cess
ting st —nd possib
Secure smart
card access to
domain controllers
Access to information assets
should not be granted to every
administrator. Only those
who have a valid business need
should be provided with access.
2.
3.
4.
Do not grant anyone permanent
privileged access to any resource.
Access should be granted on an as
needed basis and only for the
amount of time needed.
Implement tools and reporting to
monitor any inappropriate granting
of access rights, and any violations
of policy.
5. Frequently monitor and improve
how access rights are granted and
revoked. This is especially important
as new technology, such as mobile
enterprise applications, is adopted.
From Norman Marks on Governance, Risk Management and Audtit
If you wern’t worried about privileged users you should be, April 5, 2012