Six Steps to Secure Access for Privileged Insiders and Vendors

Presentation transcript:

Six Steps to Secure Access for Privileged Insiders and Vendors Sam Elliott | Bomgar

Agenda
- Current threat landscape
- Challenges with traditional Privileged Access Management
- Balancing security and productivity to drive business value
- 6 Steps to Secure Access
- Q&A

About the Speaker
SAM ELLIOTT, Director of Security Product Management, Bomgar
Sam Elliott is responsible for the product management group that is driving product strategy for Bomgar's security products. He has more than a decade of information security, ITSM, and IT operations management experience. He is also a seasoned expert in the areas of cyber-security, data center discovery, systems configuration management, and ITSM. He resides in Atlanta, GA, with his family and can be found on Twitter @samelliott.

Threat Landscape
- A breach is a matter of if, not when
- High trust still placed in people

Privileged Access
- Privileged Access Management traditionally focused on just the credential or account.
- That’s only half the battle against attackers.
- Expand focus to not only include privileged credentials, but also remote access mechanisms used by both employees and vendors.

What is #1 Method of Compromise?

Remote Access is #1 Method of Compromise
- Extremely easy for threat actors to find unsecured remote access pathways.
- Most security organizations don’t have visibility into all of the remote access pathways into their networks.
- Different teams & external vendors using their preferred tools.
- No centralized monitoring or auditing.
2017 Global Security Report

81% of Hacking-related Breaches Leveraged Stolen and/or Weak Passwords
- Privileged credentials are highly targeted “keys to the kingdom”.
- Admin passwords are often shared across teams.
- Many organizations forget about privileged credentials used by service desks, service accounts, app to app, third-parties, etc.
2017 Data Breach Investigations Report

Security Solutions Often “Inhibit Productivity”…

The Birth of a New Security Hole
“Due to timing of the <Insert Important Event> let’s get this up and running and we will circle back about patching and hardening methods..”
Boss Guy
“If security slows down production which in turn reduces profitability, [executive management is] never going to side with IT. It's a matter of risk balancing, and if they've never experienced a security breach, they're going to take the risky route until they do.”
Reddit Commenter

Make Least Privilege Productive

6 Steps to Secure Access
Secure the CONNECTION
1. Secure vendor access
2. Secure insider access
Defend the CREDENTIAL
3. Remove risk of shared passwords
4. Rotate & randomize privileged credentials
5. Secure Service Accounts
6. Remove threat target with app to app security

Accounts Access

Secure Vendor Access
- External vendors are “low hanging fruit” because they have to adhere to your policies.
- Number of third-parties connecting to company networks is rapidly increasing.
- Eliminate VPNs for vendors to improve security and access management.

Secure Insider Access
Any employee who has privileged access:
- IT Admins
- IT Operations
- Operational Technologists
- Service Desks
Only 41% of security professionals trust employees with privileged access completely
2017 Secure Access Threat Report

Remove Risk of Shared Passwords
- Use a password vault or safe so users don’t see actual credentials.
- Increase productivity by eliminating check-in/check-out and directly inject credentials into a remote session.
- Eliminating their visibility to the credential reduces threat of being phished or used through another pathway.

Rotate & Randomize Privileged Credentials
- Ensure every local credential that has some type of admin right has a unique credential.
- Stop lateral movement by eliminating common credentials across endpoints.
- If credential is compromised, won’t be useful for long because it’s rotated.

Secure Service Accounts
- Manage business uptime, but ensure those credentials can still be rotated.
- Critical business systems often have the same service account for years.
- Ensure critical systems stay productive while securing them.

Remove Threat Target with App to App Security
- Malicious users can compromise hard coded credentials in a script or an application.
- Remove a prime target with app to app credential security.
- Obscure credential through a Vault and rotate to remove threat.

Summary
- Securing privileged credentials is a must, but don’t just fight half the battle.
- Discover and take control of all of the remote access pathways being used by both insiders and vendors.
- Follow the 6 Steps to Remote Access – in the order that makes sense for your organization.
- Don’t be an assumption cabbie

Questions?

Thank you for attending!