For CIOs and CISOs: every user is a privileged user, learn how to deal with.
•Download as PPTX, PDF•
1 like•993 views
Every user is potentially a privileged user: how to guarantee to give the right access to the right for the right usage ? Learn from Chris Pace, head of Product Marketing at WALLIX and ensure your organization is cyber-secure and compliant with your business regulations and laws that include Privileged Access Management requirements.
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (9)
Similar to For CIOs and CISOs: every user is a privileged user, learn how to deal with.
Similar to For CIOs and CISOs: every user is a privileged user, learn how to deal with. (20)
Recently uploaded
Recently uploaded (20)
For CIOs and CISOs: every user is a privileged user, learn how to deal with.
- 1. @achrispace Controlling and monitoring privileged access Chris Pace Head of Product Marketing @achrispace
- 2. @achrispace Every user is a privileged user
- 3. @achrispace CISO FTSE100 Company 18 years of IT security experience “Privileged access is the beast we still haven’t tamed”
- 4. @achrispace The goal of every malicious outsider? To become a privileged insider.
- 5. WallixAdminBastion is a privileged user management solution. It’s designed to give you comprehensive control, monitoring and reporting for access to servers and other devices across your network.
- 6. @achrispace Sharing of accounts and passwords by internal IT staff.
- 8. @achrispace Third party service providers and contractors.
- 9. @achrispace Reducing your biggest security risk in the shortest possible time.
- 10. Privileged user management How Wallix helps: • WAB becomes a single point of entry for users to all your network devices • Users have a single account for access to multiple resources • Greater control over users who need access changes or leave your organisation • Control access by parameters such as IP address, day and time or session type • Ideal for managing contractors or external service providers
- 12. Monitoring and traceability How Wallix helps: • User activity can be constantly monitored in realtime alerting a manager or denying access if particular actions are attempted • Goes beyond event logging by tracing every single mouse click and keyboard stroke using system log information and optical character recognition • Command line sessions like SSH as well as UI sessions on Windows servers are can all be recorded • Recorded sessions can be viewed as text or recorded as videos which can be viewed and downloaded instantly
- 14. Password management How Wallix helps: • Users never need to have local access to servers • It’s easy to manage users who should no longer have access to particular resources without having to worry about accounts on the devices themselves • This helps to protect your infrastructure from any unauthorised access particularly for contractors or employees who have left your organisation
Editor's Notes
- As we see traditional network perimeters dissolve and ever more IT infrastructure outsourced our concept of what privileged access is must change. As business users become as technically savvy, and certainly as willing to adopt new technologies as your traditional IT department there is inherently an increase in risk around the data that you’re responsible for securing. Add into this mix the number of different individuals and organisations outside of your own who now want access to internal resources or are maybe even responsible for managing the infrastructure you have hosted or in the cloud. Visibility of active sessions has only ever really been a concern around resource or performance, now it must be a concern we take seriously when considering data security and compliance.
- Privileged access to infrastructure for IT admins has been seen as a necessary evil for a very long time. But it’s not so very long ago that almost every organisation was using a domain admin account for most server access, and very often that domain admin account had a password that was guessable and didn’t usually change (even if someone left who had access). Many businesses had developed to a point where users were then given individual access to systems via a domain admin account that was personalised, but the idea of monitoring or auditing access would not have been a concern. Visibility of active sessions has only ever really been a concern around resource or performance, now it must be a concern we take seriously when considering data security and compliance. But it’s the advent of compliance and risks to data that should be transforming these attitudes and causing us to think seriously about how we can vouch for the safety of this data. Matthias has already mentioned how strict the requirements are around securing systems that deal with payment card data. And the auditing and monitoring of privileged access is certainly a key to success in this area.
- We need to think about management of privileged accounts as part of our entire security posture. If a hacker gets in, they will take advantage of your failure to secure privileged access.
- The Wallix Admin Bastion is a solution that gives privileged users in your organization secure access to servers and devices, and gives you complete visibility and auditing of their actions, helping you to meet compliance requirements and keep data secure.
- Having visibility of changes made to servers and other systems makes change control and security better. Wallix creates a single gateway for access to resources. This means from a single location you can easily define access to the right devices for the right people. You don’t need to share accounts or passwords around for these devices, Wallix will connect to them encrypting the credentials so they’re invisible to the user logging in. The user connects with only their user name and password for Wallix.
- At the root of most compliance requirements lies your ability to prove you made efforts to secure the data on systems you’re responsible for. This is where Wallix ability to provide extensive control over access and fully audit sessions beyond simple event logging can bring hug advantages and provide you with a fast route to compliance. There are no agents to install onto systems either so it’s simple to begin managing the session activity on these servers.
- As increasing numbers of individuals or companies have access from outside and you have no way of ensuring that they have the same level of security or are controlling access to your systems and data. You could and should do that as a minimum. Many examples of businesses who are giving third parties access to resources via VPN accounts which are not monitored or really managed. This was the root of the Target hack. The CEO resigned. Wallix gives you a simple way to force secure access from these external providers and also gives you visibility of what they have access to. It’s also much simpler to revoke this access in the event of a change of scope or staffing.
- Wallix Admin Bastion helps creating a single point of entry to your servers, network devices and applications. Your users have a single account for access to the resources for which they have permission, so you’ll never need to give them local access to servers with usernames and passwords. It also makes it much easier to manage people who are contractors or who have left your organization.
- Wallix can also help to monitor and trace activity …
- Wallix Admin Bastion doesn’t just create user activity logs and videos. We’re also able to monitor user activity in real time. Trigger actions that could be risky will create an alert or even instantly cut the users connection to a server.
- With Wallix Admin Bastion a user should never need local access to a server and preventing unauthorised access can be done in just a couple of clicks.
- For more information visit www.wallix.com, thanks for listening.