Upload File

tech talk: governing your privileged users – a key step towards reducing the risk of breach

  • Home
  • Technology
  • Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach
14
World ® ’1 6 Tech Talk: Governing Your Privileged Users – A Key Step Towards Reducing the Risk of Breach Ehud Amiri – Product Management – CA Technologies SCT38T SECURITY

Upload: ca-technologies

Post on 08-Jan-2017

136 views

Category:

Technology


0 download

Report

TRANSCRIPT

Page 1: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach

World®’16

TechTalk:GoverningYourPrivilegedUsers– AKeyStepTowardsReducingtheRiskofBreachEhudAmiri – ProductManagement– CATechnologies

SCT38T

SECURITY

Page 2: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach

2 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

©2016CA.Allrightsreserved.Alltrademarksreferencedhereinbelongtotheirrespectivecompanies.

Thecontentprovidedinthis CAWorld2016presentationisintendedforinformationalpurposesonlyanddoesnotformanytypeofwarranty. The informationprovidedbyaCApartnerand/orCAcustomerhasnotbeenreviewedforaccuracybyCA.

ForInformationalPurposesOnlyTermsofthisPresentation

Page 3: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach

3 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

Abstract

Manyorganizationshaveasolutiontocontroltheactionsofprivilegedusers.But,that’snotenoughforacompleteprivilegedusermanagementsolution– youmustalsogoverntheiraccesstomakesurethatonlythecorrectusershaveelevatedprivileges,andtheyhaveonlytheprivilegesthattheyneed.ThisTechTalkisanoverviewofthePre-ConEdin-depthsessiononPrivilegedUserGovernance.ComeheretolearnhowyoucanreduceyourriskthroughthiscapabilitythatisuniquetoCA.

EhudAmiriCATechnologiesProductManagement

Page 4: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach

4 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

OneStopShopforallIdentityServicesEverythingtheBusinessUserNeedsinOnePlace

Page 5: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach

5 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

WhyPrivilegedAccessGovernanceisNeeded?

§ TheSituationToday– PrivilegedAccessManagement(PAM)ismostlyastandalone solutionthatimplementscritical

securityandcompliancecontrolsmanagingandmonitoringuseofsensitiveaccess

– Inmostcasesitisseparated fromthecorporateIdentityManagement

§ Theoutcome– Lackofoverallvisibilityto“whohasaccesstowhat”

– Missingapprovalandauditinginformationfor“whyaccesswasgranted”

– InabilitytoenforceconsistentidentitypoliciessuchasSegregationOfDuties– Lackofriskanalysisfortheoveralluseraccess

– FragmentedcompliancewithregulatoryrequirementssuchasISO27002sections8.1.2“ownershipofassets”and9.2.5“reviewofaccessrights”

Page 6: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach

6 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

PrivilegedAccessGovernance

§ TheCAApproach– ProvidinggovernanceforPrivilegedAccessiscritical

– Governanceshouldbeconsistentacrossprivilegedaccessandnon-privilegedaccess

– Asalways,it’sallabouttheuserexperience!

§ TheCAIdentitySuiteSolution– Automatedprovisioningandde-provisioning

– Accessrequest– Accesscertification

CAIdentitySuiteIntegrationwithCAPrivilegedAccessManager

Page 7: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach

7 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

AutomatedProvisioningandDe-Provisioning

§ Automateon-boardingandoff-boardingofPAMAccountsaspartofregularuserlifecycle

§ OutoftheboxCAIdentitySuiteconnectorforCAPAMusingstandardPAMAPIs

§ ManagePAMAccountsandtheirassignmentstoRoles,UserGroups,Devices&DeviceGroups

§ SupportforlocalaccountsandLDAP/ADaccounts

§ Supportforgranularaccessassignmentsincludingstart/enddate,rolescopinganddevicepolicies

IntegrationwithCAPrivilegedAccessManager

Page 8: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach

8 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

AccessCertification

§ Gainvisibilityintoalluseraccessinacentralizedplace

§ GranularinsightintoCAPAMaccounts,roles,groups&devices

§ OutoftheboxCAPAMcertificationprocesses:– PAMusercertification

– PAMdevicecertification

§ Easilyidentifyuserswithexcessiveaccess

§ FulfillmentusingtheconnectorforCAPAM

IntegrationwithCAPrivilegedAccessManager

Page 9: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach

9 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

AccessRequest

§ Easy-to-useaccessrequestforCAPAMpermissionsthroughanintuitive'ShoppingCart‘experience

§ Real-timeriskanalysisofacombinedprivilegedandnon-privilegedaccess

§ Allrequestscanbecheckedforsegregationofdutiescompliance

§ Businessdescription,workflow,localization,recommendations,etc.

§ FulfillmentusingtheconnectorforCAPAM

IntegrationwithCAPrivilegedAccessManager

Page 10: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach

10 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

WhyNowandWhyCAforPrivilegedAccessGovernance?

§ Compliance– Manyorganizationsarefacingcompliancepressuretoensureproperprivilegedaccessgovernanceis

implemented

§ BetterSecurity– Managingandgoverning“whohasaccessandwhy”forprivilegedaccessisbecomingmoreimportant

inthebroaderfightagainstsecuritybreaches

§ EliminatingSilos– Implementingseparategovernancesolutionsforprivilegedaccessandnon-privilegedaccessmay

createunintendedweaknessesincustomers’cyber-securitystrategy

§ OneStopShop– ByintegratingCAIdentitySuiteandCAPrivilegedAccessManagement,customerscaneasily

implementanenterprise-wideapproachthatisbasedontwoproven&marketleadingsolutions

MakingtheRightChoice

Page 11: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach

11 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

RecommendedSessions

SESSION# TITLE DATE/TIME

SCT39T PAMforHybridEnterprises 11/17/2016at1:45pm

SCT37T StreamliningIDMDeployment 11/17/2016at3:00pm

SCT05T PAMBehavioralAnalytics 11/18/2016at4:30pm

Page 12: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach

12 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

WeWanttoHearFromYou!

§ ITCentralisaleadingtechnologyreviewsite.CAhasthemtohelpgenerateproductreviewsforourSecurityproducts.

§ ITCSstaffmaybeatthissessionnow!(lookfortheirshirts).Ifyouwouldliketoofferaproductreview,pleaseaskthemaftertheclass,orgobytheirbooth.

Note:§ Onlytakes5-7mins§ Youhavetotalcontroloverthereview§ Itcanbeanonymous,ifrequired

Page 13: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach

13 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

Thankyou.

Stayconnectedatcommunities.ca.com

Page 14: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach

14 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

Security

FormoreinformationonSecurity,pleasevisit:http://cainc.to/EtfYyw


Breach Prevention: The Root Cause of the Data Breach Epidemic€¦ · Breach Prevention: The Root Cause of the Data Breach Epidemic According to the 2012 Verizon Data Breach Investigations

· Web viewInformation that is confidential and privileged in litigation. BACKGROUND BG 101: Ethical Principles Governing the IRB VA Research must be carried out in an ethical manner

BREACH FORMATION: Laboratory and Numerical Modelling of Breach Formation · Laboratory and Numerical Modelling of Breach Formation ... of the field modelling and breach uncertainty

Privileged Docs

Privileged Magazine

How Managing Privileged Access Reduces the Risk of a Data Breach

Basel Convention UpdateBasel Convention and the Circular Economy Privileged & Confidential 2 • Global prior notice and consent regime governing waste shipped for disposal or recycling

BeyondTrust Privileged Remote Access Integration with … · 2020-04-07 · BeyondTrust Privileged Remote Access Integration with Privileged Identity Author: BeyondTrust Technical

Data Breach Response: Preserving the Privilege · ATTORNEY-CLIENT PRIVILEGED/ ATTORNEY WORK PRODUCT 2 3 © 2018 Snell & Wilmer 1. The Reality of Data Breaches 2.Attorney-Client Privilege

Privileged Programs

The privileged

Revamping of SEBI Regulations - Corporate Professionals...Insider Trading: Genesis Contd… INSIDER TRADING is the misuse of privileged position & breach of trust and hence can disturb

(126) SECTION II - PRIVILEGED COMMUNICATION … II - PRIVILEGED COMMUNICATION BIOGRAPHICAL ... "Digital Image Processing for the Rectification ... SECTION II -PRIVILEGED COMMUNICATION

Privileged Access

Special Examination Arrangements for VCE external assessments  · Web viewFailure to comply with these instructions may constitute a breach of the rules governing the conduct of

1 Hitachi ID Privileged Access ManagerHitachi ID Privileged Access Manager works by randomizing privileged passwords and connecting people and programs to privileged accounts as needed:

Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged User Access?

Privileged session management

Our Privileged Customers

Self-governing compliance doesn’t work here anymore...Verizon Data Breach Investigations Report 2015 Confirmed Serious Incidents With Card Losses Verizon Data Breach Investigations

(Preamble) Article I - MUSEUM OF YESTERDAYmuseumofyesterday.org/government_gallery/govt_page... · all Cases, except Treason, Felony and Breach of the Peace, be privileged from Arrest

Pre-Con Ed: Governance of Privileged Identities—Key to Breach Prevention

Confidentiality & Privileged Communication

Vault · VAULT Reduce Cyber Breach Risk from Improper Credential Usage Bomgar Vault™ significantly improves password security for privileged users. Vault includes credential management,

Poor, but Privileged

Privileged Communications

Securing Privileged Accounts with Hitachi ID Privileged Access Manager

Creating Privileged Moments

Good – Local – Governance in the WASH Sectorwhconference.unc.edu/files/2014/10/pories-1.pdf · Sidur’s relationship with the local governing authorities has enabled them privileged

Privileged & Confidential

Request for Proposal 3101 For Procurement of Privileged ... · privileged access management solutions sometimes synonymously referred as ^privileged account management and privileged

ISSUE HIGHLIGHTS · Ultimate Frisbee Governing Council Annual General Meeting (6.30pm) 1/3 Adelaide 500 Excursion ... 6th of February, I was privileged to attend the 2018 ... No food

PRIVILEGED COMMUNICATION AND PRIVILEGED DOCUMENTS - Law …redengine.lawsociety.sk.ca/inmagicgenie/documentfolder/AC0635.pdf · PRIVILEGED COMMUNICATION AND PRIVILEGED DOCUMENTS "SPECIAL

BeyondTrust Privileged Remote Access Password …...BeyondTrust Privileged Remote Access Password Safe Integration Author BeyondTrust Technical Communication Subject BeyondTrust Privileged

Change Guardian Sentinel Reduce Your Breach Risk: File ......www .netiq .com 3 Data breach—especially from misuse of privileged access. System unavailability—caused by unplanned