In this presentation we will talk about Privileged Access Management and present various strategies in order to make implementation and rollout easier for your security controls.
6. • Shift in Capex to Opex
• Cost savings – 25% on avg.
• EmployeeMobility
• Easy access – 49% on avg.
• Scaling is easier
• More efficient – 55% on avg.
• Time savings
• More time to innovate– 31% on avg.
• Choice – no traditional vendorlock in
Why is the
Cloud
Popular
7. SAML & SaaS
• Less than 25% of corporateapps have SSO support
• Less than 1% of all SaaS apps understand SAML
• Passwords are here to stay!
12. PAM - Layers
Shrek: Ogres are like onions
Donkey: They Stink?
Shrek: Yes. No.
Donkey: Oh.....they make you cry
Shrek: No!
Donkey: Oh, you leave 'em out in
the sun,they get all brown,start
sproutin' little white hairs
Shrek: NO. Layers.Onions have
layers.Ogres have layers.Onions
have layers.You get it? We both
have layers.[sigh]
Donkey: Oh, you both have layers.
Oh.
PAM has layers. Onions have layers. We both have layers.Get it?
13. PAM - The 7 Layers
2FA on Apps and Servers
SaaS PAM
SSH Session Control
Secret Storage
Access sharing
Reporting and Audits
Server PAM
14. Evolution of PAM
PAM 1.0
Crawl
• Password Vaulting
• SSH Key Rotation
• Video-session Recording
PAM 2.0
Walk
• Rights Management
• Time based checkout
• Credential rotation
PAM 3.0
Run
• SaaS PAM
• Adaptive authentication
• Automated auditing
26. Conclusion
2FA on Apps and Servers
SaaS PAM
SSH Session Control
Secret Storage
Access sharing
Reporting and Audits
Server PAM
q Fine Grained Control - SaaS PAM is important.
q Session recording for compliance and security.
q Secrets management - is an emerging area.
q Reports and Auditing - need continuous process.
q Simplify 2FA Experience - reduce friction.