Sunday, September 6, 2015

Privileged password management

  • Privileged password management is a type of password management used to secure the passwords for login IDs that have elevated security privileges. This is most often done by periodically changing every such password to a new, random value.
https://en.wikipedia.org/wiki/Password_management#Privileged_password_management

  • Secure Privileged Password Management and Privileged Session Management
PowerBroker Password Safe is an automated password and privileged session management solution offering secure access control, auditing, alerting and recording for any privileged account – from local or domain shared administrator, to a user’s personal admin account (in the case of dual accounts), to service, operating system, network device, database (A2DB) and application (A2A) accounts – even to SSH keys.
http://www.beyondtrust.com/Products/PowerBrokerPasswordSafe/

  • When someone from your team changes a password, the product goes through all of your servers and updates automatically discovered services. You may even remove administrative permissions from your normal accounts to prevent inadvertent changes and let Netwrix Privileged Account Manager take care of your service accounts.
http://www.netwrix.com/privileged_password_management.html


  • Privileged access control increases security and compliance
Privileged Password Management for IT Admins
Secure the core of your business with password management software. Manage, change, and monitor privileged passwords in a centralized, web-based vault.
http://thycotic.com/products/secret-server


  • CyberArk

Privileged accounts represent the largest security vulnerability an organization faces today. In the hands of an external attacker or malicious insider, privileged accounts allow attackers to take full control of an organization’s IT infrastructure, disable security controls, steal confidential information, commit financial fraud and disrupt operations.
http://www.cyberark.com/products/privileged-account-security-solution


  • PowerBroker

Unified Privileged Access Management Solutions that Reduce Insider Threats with Visibility and Control
https://www.beyondtrust.com/products/powerbroker

  • Shell Control Box is a user monitoring appliance that controls privileged access to remote IT systems, records activities in searchable, movie-like audit trails, and prevents malicious actions.
What can you use SCB for?
    Monitor your IT administrators
    Control your IT outsourcing and cloud partners
    Audit your Citrix and VMware View users
    Meet local laws and international standards
    Improve IT incident management
https://www.balabit.com/network-security/scb

  • Privileged Access Management (PAM) is a solution that helps organizations restrict privileged access within an existing Active Directory environment.

Privileged Access Management accomplishes two goals:
    Re-establish control over a compromised Active Directory environment by maintaining a separate bastion environment that is known to be unaffected by malicious attacks.
    Isolate the use of privileged accounts to reduce the risk of those credentials being stolen.

What problems does PAM help solve?
Vulnerabilities.
Unauthorized privilege escalations.
Pass-the-hash.
Pass-the-ticket.
Spear phishing.
Kerberos compromises.
Other attacks.


PAM makes it harder for attackers to penetrate a network and obtain privileged account access. PAM adds protection to privileged groups that control access across a range of domain-joined computers and applications on those computers. It also adds more monitoring, more visibility, and more fine-grained controls. This allows organizations to see who their privileged administrators are and what they are doing. PAM gives organizations more insight into how administrative accounts are used in the environment.

How does PAM work?
PAM separates privileged accounts from an existing Active Directory environment. When a privileged account needs to be used, it first needs to be requested, and then approved. After approval, the privileged account is given permission via a foreign principal group in a new bastion forest rather than in the current forest of the user or application. The use of a bastion forest gives the organization greater control, such as when a user can be a member of a privileged group, and how the user needs to authenticate.
https://docs.microsoft.com/en-us/microsoft-identity-manager/pam/privileged-identity-management-for-active-directory-domain-services
