Upload
beyondtrust
View
125
Download
1
Embed Size (px)
Citation preview
• Unwanted or unauthorized system-
wide changes
• No damage limitation against
malware
• System integrity issues
What Problems Do Privileged Accounts
Cause?
• Hack sensitive business data
• Changes through the backdoor
What Problems Do Privileged Accounts
Cause?
Process for managing changes
to IT systems
Prevents unplanned changes to
complex interconnected
systems
Reduces downtime and
support requests
Change Control
Many don’t Privilege drift
Grant privileged access
permanently
Privileged access to external
contractors
How Do Organizations Manage Privileges?
Third-party privilege
management solutions
User Account Control (UAC)
Active Directory
delegation
PowerShell constrained endpoints
(JEA)
Windows Server 2016 Privileged
Access Management
(PAM)
How Can Privileges Be Managed?
• Adds protection to privileged
groups
• Re-establish control over a
compromised AD
• Insight into how administrative
accounts are used
What Is PAM?
Privilege escalation
attacks
Pass-the-Hash
Pass-the-Ticket
Spear phishing
What Problems Does PAM Solve?
Shadow security principals
Time-limited group membership
PAM cross-forest trust
Bastion forest
PAM workflow (Microsoft Identity Manager)
Enabling Technologies
• MIM Web Services API
• REST endpoint
• Windows PowerShell (New-
PAMRequest)
Requesting Privileged Access
MIM is requiredLicensed per-
user
Best purchased via Enterprise
Mobility + Security
Can be licensed
alongside Azure AD Premium
What About MIM?
Summary: Why PowerBroker for Windows?
• Asset discovery, application control, risk compliance, Windows event log monitoring included
• Optional: Session monitoring, file integrity monitoringDeep capability
• U.S. Patent (No. 8,850,549) for the methods and systems employed for controlling access to resources and privileges per process
Mature, patented leader
• Tightly integrated with vulnerability management
• Deep reporting and analytics insights for compliance and operations
Centralized reporting, analytics and management
• Privilege and session management on Unix, Linux and Windows
• Privileged password and session management
• Integrate Linux, Unix, and Mac OS X with Microsoft AD
• Real-time auditing of AD, File System, Exchange & SQL
Part of a broad solution family
Va
lida
ted
by c
usto
me
rs a
nd
an
aly
sts
alik
e
Your solution should:
• Elevate privileges to applications, not users, on an as-needed basis without
exposing passwords
• Enforce least-privilege access based on an application’s known vulnerabilities
• Track and control applications with known vulnerabilities or malware to further
protect endpoints
• Monitor event logs and file integrity for unauthorized changes to key files and
directories
• Capture keystrokes and screens when rules are triggered with searchable
playback