Securing Privileged Access “Inside the Perimeter”

bomgar 174 views 22 slides Jun 27, 2017

Slide 1 of 22

About This Presentation

The continuing increase in cybersecurity attacks has exposed the weaknesses in traditional perimeter security technology. Though still a critical element in any security strategy, firewalls don’t provide all the protection an organization needs against sophisticated attacks of today’s complex IT...

Size: 7.33 MB

Language: en

Added: Jun 27, 2017

Slides: 22 pages

Slide Content

©2017 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE Agenda Security Landscape Market Trends How a Cyber Breach Happens Why Perimeter Security Isn’t Enough Technology Solutions How Privileged Users Fit In Why Privileged Users Are Targets VPNs Aren’t Enough Risk Mitigation With Privileged Access Management Solutions Recommendations

3 Are You Inviting In Hackers?

©2017 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE Cyber Breaches Show No Sign Of Slowing Down Targeted attacks on corporate IT networks have increased in scale and public visibility Hacker objective = bypass perimeter security, by stealing legitimate credentials to gain access Phishing tactics are increasingly sophisticated and often involve social engineering

©2017 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE Many need access to the corporate network and sensitive data, often with elevated levels of privilege Virtually every business works with partners, suppliers, and service providers

©2017 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE Privileged Accounts are the Prize What are they? One or more “superuser” accounts that contain the rights necessary to perform administrative, maintenance, and other key system tasks Built into every IT application and system Typically shared among several people Why are they so problematic? They are all powerful They are shared They are anonymous But, we can’t live without them! 80% of all security breaches involve misuse of administrative privileges Privileged Identify Management Trends Forrester, June 2015 “ “

©2017 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE And Credentials Unlock Them Privileged user accounts can’t be accessed without credentials, but the volume of credentials to keep track of is high Often stored insecurely and in plain text, such as on sticky notes or in spreadsheets Infrequently used credentials are often forgotten May be non-compliant, repeated, rarely or never changed, or shared with the wrong person 63% of confirmed data breaches involved weak, default, or stolen passwords Verizon 2016 Data Breach Report “ “ ©2017 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE

Exploitation Reconnaissance Locate targets and develop a plan of attack based on network vulnerabilities How It Works - The Cyber Breach Attack Process Target Ecosystem Hacker ecosystem Reconnaissance Infiltration Exfiltration Exploitation Expand access by elevating user privileges and moving laterally across the network Exfiltration Data is transferred externally from the network using exfiltration malware Infiltration Exploit vulnerabilities to acquire initial access ©2017 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE

VPN is like a wall, privileged users enter through a single “door” Door is often configured to be either opened or closed, “all or nothing ” access Compromised VPN access can be used to transmit malicious traffic past perimeter defenses into the corporate network PRIVILEGED USER CORPORATE NETWORK ✓ SECURED NETWORK AREA VPN VPN Access Can Increase Your External Attack Surface ©2017 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE

CORPORATE NETWORK ✓ SECURED NETWORK AREA EMPLOYEES / ADMINSTRATORS But Insiders Present Risks Too Phishing and whaling attacks are increasingly sophisticated and targeted to privileged users Compromised insider credentials can be harder to detect Well intentioned employees are just as risky as malicious or negligent ones ©2017 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 74% of organizations feel vulnerable to insider threats —  7% from previous year Insider Threat Spotlight Report 2016, Crowd Research “ “

Exploitation Phishing Reduction Reduce the chance of account and credential theft through training, phishing tests How Technology Can Help Target Ecosystem Hacker ecosystem Reconnaissance Infiltration Exfiltration SIEM, Threat Analytics Track and analyze suspicious activity within the network, intrusion detection Encryption, Forensics Render data useless, even if stolen; analyze, respond, and mitigate breach activities Identity and Access Mgmt , Multifactor Authentication, Behavioral Analytics Control and manage the access, and report and track how its used ©2017 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE

Controlling Privileged Access Is The Fastest Path To Risk Reduction Assume phishing success rates will always be greater than 0% Privileged Access Management can be up and running in days Quickly replace “all or nothing” with just the right level of access Get immediate value from your investment Works with other technologies already in place ©2017 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE

Understanding Privileged Access: Hotel Analogy ©2017 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE Managing the needs of guests, employees, and vendors require different policies and procedures to keep guests safe and the hotel running smoothly Hotels need security beyond the front door – just like IT networks

Key PAM Features/Functionality Protecting the Access Enable role-based access to specific systems and define session parameters, such as access timeframes, required approvals, and permitted functions. Managing Activity Actively manage the ongoing operational use of network devices and hardware on the network. Analyzing Data Understand what privileged users are actually doing within the network and audit for misuse , while meeting audit trail requirements. Integrating With Other Solutions How does the solution I’m considering integrate with what I already have or plan to use? ©2017 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE

Does It Work With What You Already Have? Secure your existing investments Plug into all of the tools your organization already uses Take advantage of pre-built integrations or use APIs to seamlessly integrate with existing workflows ©2017 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE PASSWORD MANAGEMENT TWO FACTOR AUTHENTICATION TICKETING ACTIVE DIRECTORY & LDAPS SIEM SAML

But, Success Is Based On More Than Features “Usable Security” Is the product easy for people to use? Does it make their jobs easier, not harder? Make “least privileged” productive, not a hindrance ©2017 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE

©2017 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE Compliance Considerations Company security policies Evolving and tightening in response to market conditions Industry compliance (PCI, HIPAA, CJIS, etc) Limiting access Audit trail Multifactor Authentication

©2017 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE Recommendations Ongoing security education should be a priority for both new and tenured employees Consider security technology options holistically Quickest impact to reduce risk Ease of implementation User experience Other solutions already in place Compliance Understand the requirements of mandates you must meet Privileged Access Enhancements Password managers Two factor authentication

©2017 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE Additional Resources Learn More Bomgar Privileged Access Management Solutions Infographic - The Privileged Access Hotel At A Glance - Bomgar Compliance Chart Whitepaper - Streamline IT Security with Bomgar Privileged Access

Securing Privileged Access “Inside the Perimeter”

About This Presentation

Slide Content

Tags

Categories

Download

Quick Actions

Statistics

Related Slideshows

Securing Privileged Access “Inside the Perimeter”

About This Presentation

Slide Content

Slide 1

Slide 2

Slide 3

Slide 4

Slide 5

Slide 6

Slide 7

Slide 8

Slide 9

Slide 10

Slide 11

Slide 12

Slide 13

Slide 14

Slide 15

Slide 16

Slide 17

Slide 18

Slide 19

Slide 20

Slide 21

Slide 22

Tags

Categories

Download

Quick Actions

Statistics

Related Slideshows

8-top-ai-courses-for-customer-support-representatives-in-2025.pptx

7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx

25-essential-ai-courses-for-user-support-specialists-in-2025.pptx

8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx

Know for Certain

PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx