View
277
Download
2
Category
Tags:
Preview:
Citation preview
Introduction – Marc F. Potter
25 years of Security Experience
Companies
Dell Security
Quest Software
CA Technologies
Cabletron Systems
Technologies Backgound
Security Event Management
End Point Security
Identity Governance
Privileged Management
ObserveITWorldwide Vice PresidentCorporate Strategy and Business Development
Agenda
Current State of Managing Risk
Future State of Managing Risk
How CA Privileged Management Helps
3 Steps to Reduce your User Risk Posture
Next Steps
SystemsApps Data InternalIT Users
BusinessUsers
VendorContractor
Do you know who your high-risk users are?
Do you have the visibility into high-risk activity?
Are you focused on the right profile of users?
Database
NetworkAppliance
VirtualServer
Windows/UNIX/Linux
Application
Multiple Device Types
CAControlMinder
Secure Password Storage
IndividualAdministrators
SharedPrivilegedAccount
PasswordCheck-In
&Check-Out
Automatic Logins
Shared Account Management
Manual
Logins
11
Business Users
84% of Insider based breaches involve users with no admin rights(Ponemon)
IT Users
62% of admin-caused breaches due to human error (Ponemon)
Contractors
Breaches involving contractors have significantly higher data loss and severity (VDBIR14)
•••
OFFLINE MACHINE3RD PARTY MACHINE
MACHINE ID MAPPINGHELPDESK MACHINEREMOTE DESKTOPPC ADMIN RIGHTS
FINANCE DEPARTMENTCALL CENTER USER
ACCOUNTS PAYABLECONTRACTS TEAM
AUDITORDOCTOR/NURSE
CITRIX USER
•••
APPLICATIONSDATABASES
SERVERSNETWORKS
(PASSWORD VAULTS)
APPLICATIONSSENSITIVE DATA
FILE SHARESCLOUD SERVICES
BusinessUser
CitrixUser
ITUser
1. Identify User-Based Access RiskBusiness Users ContractorsIT Administrators
2. Monitor and Alert on Suspicious ActivityCapture Behavior PatternsProfile Risk and AcceptanceAlert on Suspicious Changes
3. Investigate and RemediateForensics Log SearchNotification and PreventionSession ReplaySession Kill
Recommended