Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to Privileged Account Management - Keep your logins safe
Similar to Privileged Account Management - Keep your logins safe (20)
Recently uploaded
Recently uploaded (20)
Privileged Account Management - Keep your logins safe
- 1. Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Privileged Account Management (PAM) Jens Albrecht B.Sc. Electrical Engineering Presales Cyber Security jens.albrecht@ingrammicro.com Brunnmatt 14 CH-6330 Cham Privileged access perfectly protected
- 2. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. 2 • Human (Domain Administrator, CxO, Web Portals…) • Non-human (Service Account, SU, root, Web Master, Router) • They access, control and manage IT environments / services • Are targets for IT attacks to get system access to compromise CIA (Confidentiality, Integrity, Availability) What are Privileged Accounts? Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
- 3. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. 3 • Use very long and complex passwords • Change passwords periodically • Share passwords only on a secure way (better don’t share) • Monitor and audit the Account usage This is difficult to implement How to protect Privileged Accounts? Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
- 4. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. 4 • Define password policies for privileged accounts • Automatically changes passwords for privileged accounts • Doesn’t allow privileged accounts to be directly shared • Monitors and records sessions for privileged account activity Can be done very easily with a PAM system How Privileged Account Management helps you? Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
- 5. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. 5 • The Windows password expires after a period or a date • A new Windows password will be automatically generated • E.g. the jump account for Windows RDP sessions Example 1: Automatically change passwords Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
- 6. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. 6 • The PAM system provides an RDP launcher for autologin • The Windows password isn’t visible for the operator • E.g. to access Domain Controllers Example 2: Use PAM for autologin for RDP Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
- 7. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. 7 • The PAM systems starts the Web Password Filler for autologin • The password will not be shown to the operator • E.g. access to any web portals Example 3: Use PAM for autologin to web portals Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
- 8. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. 8 • The PAM systems provides session recording • RDP, Web, PuTTY • Video on DB or disk Example 4: Use PAM for Auditing / Compliance Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
- 9. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. 9 • We’ve chosen Secret Server from world leader www.thycotic.com Our PAM solution for you Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
- 10. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. 10 Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Fully-featured PAM solution available both on-premises and in the cloud Secret Server Establish Vault Discover Unknown Accounts Manage Secrets Delegate Access Control Sessions
- 11. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. 11 • With Thycotic, your start into PAM is made easily Our PAM solution for you Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
- 12. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. 12 • Get in touch with us and get your free Thycotic consultancy • Start a trial / PoC / Rapid Prototyp in your lab / production • Discover Privileged Accounts in your environment and manage them with the PAM system. Start with Windows Accounts. • Your contact for PAM: jens.albrecht@ingrammicro.com Your next steps for PAM Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
- 13. Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Realize the Promise of Technology
Editor's Notes
- Privileged accounts are everywhere in the IT environment. They give IT the building blocks for managing vast networks of hardware and software that power the information-driven world. Yet for most people, they’re invisible. This gives you the basics of privileged account management (PAM) — understanding privileged accounts, what they do, and why it’s so important to protect access to them as the “keys to the kingdom” of your growing information empires. The typical user of a privileged account is a system administrator (sysadmin) responsible for managing an environment or an IT administrator of specific software or hardware.
- Sensitive data and critical functions are concentrated in business applications such as ERP, HR, and CRM systems. Users of these applications aren’t IT staff and aren’t using domain admin accounts. They do, however, have privileged access and many opportunities to increase risk. Business users are notoriously poor at protecting passwords. People often use the same password across multiple applications and share credentials with others. People use the same password for personal use as for business use, which expands the attack surface. When attackers compromise a privileged account, they can perform malicious activity, steal sensitive information, commit financial fraud, and often remain undetected for weeks or months at a time. Most cybersecurity breaches go undetected for more than 200 days.
- thycotic.com Why Choose Thycotic Stay Ahead Of Attackers. Prepare For Audits. Protect What Matters Most. Thycotic empowers more than 12.5k organizations around the globe, from small businesses to the Fortune 500, to manage privileged access. We make enterprise-grade privilege management accessible for everyone by eliminating the need for complex security tools and prioritizing productivity, flexibility and control. You’ll achieve more with Thycotic than with any other privilege security tool.
- thycotic.com Why Choose Thycotic Stay Ahead Of Attackers. Prepare For Audits. Protect What Matters Most. Thycotic empowers more than 12.5k organizations around the globe, from small businesses to the Fortune 500, to manage privileged access. We make enterprise-grade privilege management accessible for everyone by eliminating the need for complex security tools and prioritizing productivity, flexibility and control. You’ll achieve more with Thycotic than with any other privilege security tool.
- Get in touch with Jens Albrecht jens.albrecht@ingrammicro.com / Ingram Micro Switzerland