Managing privileged account security

How to manage the security of privileged accounts.

Published in: Technology

Managing privileged account security

  1. Managing Privileged Account Security. Chris Maroun, Regional Sales Engineering Manager – East Coast
  2. Privileged Accounts Exist in Every Piece of IT Technology
  3. Privilege: Shared Admin Accounts; Application to Application Accounts; Cloud Accounts
  4. Privileged Accounts Are Targeted in All Advanced Attacks. Mandiant, M-Trends and APT1 Report: “…100% of breaches involved stolen credentials.” “APT intruders…prefer to leverage privileged accounts where possible, such as Domain Administrators, service accounts with Domain privileges, local Administrator accounts, and privileged user accounts.”
  5. The Facts Speak for Themselves: You Will Be Breached. There is no such thing as perfect security. Attackers get smarter and change tactics all of the time. Companies who have made responsible and sustained investments in IT continue to be compromised. 100% of victims have up-to-date antivirus software; 94% of breaches are reported by third parties; 416 is the median number of days advanced attackers are on the network before being detected; 100% of breaches involved stolen credentials (Mandiant, 2013).
  6. Systems Integration Partners; Temporary Staff; Cloud Service Providers; Off Shore Developers; Contractors; Internal Users
  7. Systems Integration Partners; External Attacker; Cloud Services; Off Shore Developers; Contractors; Internal Users. You Need to Know! Which One is the Attacker? Which One is Authorized?
  8. Four Critical Steps to Stopping Advanced Threats: Protect and manage privileged account credentials; Control, isolate and monitor privileged access and activity on servers and databases; Use real-time privileged account analytics to detect and respond to in-progress attacks; Discover all of your privileged accounts
  9. Privileged Account Security – Now a Critical Security Layer
  10. CyberArk’s Privileged Account Security Solution: Privileged Threat Analytics; Master Policy; Secure Digital Vault™; Enterprise Password Vault®; Privileged Session Manager®; Application Identity Manager™; On-Demand Privileges Manager™; Management Portal/Web Access. Protect, Detect, Respond.
  11. Enterprise Account Usage Today. Virtual Servers; Unix/Linux Servers; iSeries Mainframes; Windows Servers; zSeries Mainframe; Databases; Applications; Network Devices; Security Appliances; Websites & Web Apps. Unix Admins; Windows Admins; DBAs; VM Admins; External Vendors; Business Applications; Auditor/Security & Risk. “I need the password to map a drive.” “I need my service provider to connect remotely with root.” “I just need root to patch a database.” “I have this script that needs to run as root every night.” “What are your root entitlements, who used it, when did they use it and why?”
  12. Control the Access. Virtual Servers; Unix/Linux Servers; iSeries Mainframes; Windows Servers; zSeries Mainframe; Databases; Applications; Network Devices; Security Appliances; Websites & Web Apps. Unix Admins; Windows Admins; DBAs; VM Admins; External Vendors; Business Applications; Auditor/Security & Risk. “I need the password to map a drive.” “I need my service provider to connect remotely with root.” “I have this script that needs to run as root every night.” “Great! Your access is approved and is now controlled and monitored.” “I just need root to patch a database.” EPV Workflow; PSM Workflow; AIM Workflow; Monitoring & Reporting Workflow; OPM Workflow
  13. How do we get there?
  14. Map and Measure Privileged Account Risks with CyberArk DNA™: Simple, three-step process; Executive dashboard of results
  15. CyberArk DNA Pass-the-Hash Vulnerability Map
  16. Enterprise Password Vault Infrastructure. System / User: Unix / root; Oracle / SYS; Windows / Administrator; z/OS / DB2ADMIN; Cisco / enable. Pass: tops3cr3t (repeated). Vault; Enterprise IT Environment; Central Policy Manager; Security/Risk Management; EPV; Policy. 1. Master/exception policy definition
  17. Master Policy: “Native” language, simplified management. Basic Policy rules, grouped by topic; Managing Exceptions and Separating Basic and Advanced settings (including dependencies); In-Line Help for quick answers
  18. Enterprise Password Vault Overview. System / User: Unix / root; Oracle / SYS; Windows / Administrator; z/OS / DB2ADMIN; Cisco / enable. Pass: tops3cr3t (repeated); lm7yT5wX5$aq+pTojsd$5fhy7qeF$1gviNa9%. Vault; Enterprise IT Environment; Central Policy Manager; EPV; Policy. 1. Master/exception policy definition. 2. Initial load & reset: Automatic Detection, Bulk upload, Manual
  19. What happens next?
  20–32. (no text on these slides)
  33. Integration with SIEM and PTA
  34. Security Dashboards
  35. Privileged Threat Analytics
  36. Access to Privileged Accounts During Irregular Hours: December 28th, 2012; February 13th, 2013
  37. Privileged Threat Analytics
  38. Privileged Threat Incident Details
  39. Managing Privileged Account Security. Chris Maroun, Regional Sales Engineering Manager – East Coast. Thank you!