Securing Privileged Access Across the Hybrid Enterprise
|
|
- Lesley Hines
- 6 years ago
- Views:
Transcription
1 Securing Privileged Access Across the Hybrid Enterprise Alan Hrabinski March 29, 2018 Data Connectors Toronto Alan Hrabinski March 29, 2018
2 Great Data Breaches
3 Great Data Breaches Yahoo, billion user accounts compromised In a truly remarkable turn of events, Yahoo in 2016 not only claimed the crown of Biggest Data Breach Ever with the September disclosure of a 2014 breach that affected 500 million users. It came back in December to disclose a breach from 2013 that compromised a whopping 1 billion user accounts. That's one for every seven or eight people on Earth. The unidentified 2013 hackers, said to be unconnected to those behind the 2014 break-in, got the whole shebang: names, dates of birth, addresses, security questions and answers and weakly protected passwords. (The passwords in the 2014 breach had better protection.) Impact - $ 350 million of market value on sale to Verizon
4 Great Data Breaches FriendFinder, million accounts compromised Casual-hookup and adult-content websites are perfectly legal in most Western nations, but that doesn't prevent data breaches involving them from being any less embarrassing. The FriendFinder network, comprising Adult Friend Finder, Penthouse.com, Cams.com, icams.com and Stripshow.com, was breached sometime in mid- October 2016, and details of user databases immediately began leaking out of cybercrime forums.
5 Great Data Breaches Equifax, million accounts compromised On Sept. 7, 2017, consumer-credit-reporting agency Equifax reported a security breach that took place from mid-may through July. While the breach, totaling 143 million users (later revised to 145 million), isn't the largest ever, it's one of the most damaging. Hackers gained access to a treasure trove of names, Social Security numbers, birth dates, street addresses and, in some instances, driver s license numbers. With those sets of information, miscreants can pose as you to set up credit cards, mortgages, loans and other important agreements.
6 Great Data Breaches National Security Administration, 2013 Up to 1.5 million secret documents Edward Snowden stole an estimated 1.5 million documents from the National Security Agency. At the time, Snowden worked as an intelligence contractor for Booz Allen Hamilton.
7 UBER 'SURPRISED' BY TOTALLY UNSURPRISING PENNSYLVANIA DATA BREACH LAWSUIT 600,000 drivers and license details 57 million users Paid $13.5 million to cover loss of 13,500 drivers PII 49 more states to go
8
9 Attackers and Tactics Verizon s 2017 Data Breach Investigations Report
10 Managing Privileged Accounts
11 What is a Privileged Account? An account that can: that can impact the integrity of a device, system, application, database, or data; that can create a material risk or have a material impact on your organization; and is outside the scope of your job responsibility.
12 Examples of Privileged Accounts Sys admins DBA Network admins Desktop admins Helpdesk staff Application admins Internal developers 3 rd party developers Contractors SaaS admins IaaS, PaaS, Cloud Social media admins Audit Mainframe IoT devices (Scanners, others) Domain admins Enterprise admins ESX admins Firewall admins Sudo Management tool accounts
13 Abusing Privileged Accounts Abuse E.g. Anthem ed records to a personal account Escalation E.g. Edward Snowden Fabricated digital keys, asked co-workers for their credentials Unauthorized access E.g. engineering firm - Steal credentials when leaving for competition colleague s and FTP site Human error E.g. health care providing access to all patients records Common issue: No one was controlling and monitoring privileged access
14 How to Manage and Control Administrative Privileges Identify tasks which absolutely require administrative privileges; Identify staff who are required, and are authorized, to carry out such tasks on a permanent basis or for a predetermined length of time; Create separate administrative accounts for those staff (ensuring administrators make an explicit decision to use administrative privileges), ensuring that those credentials have the least privilege required for their specific task; Ensure administrative accounts do not have the ability to access the Internet or read ; Ensure administrative tasks are performed, where possible, on a dedicated administrative computer that does not the ability to access the Internet or read e- mails; Ensure management infrastructure is isolated in a management restricted zone; Government of Canada, Communications Security Establishment, 2015
15 How to Manage and Control Administrative Privileges Implement restrictions such as time of day or login location; Implement multi-factor authentication for administrative accounts; Review administrative privilege regime (including audit, events and systems logs) periodically; and Ensure all audit information (e.g., audit records, audit reports) are collected and stored, where possible, in a physically separate system or tamper-resistant repository (e.g., Security Information and Event Management (SIEM)). Government of Canada, Communications Security Establishment, 2015
16 Privileged Accounts The Emerging Front Line ORGANIZATIONS TYPICALLY HAVE 3-4X MORE PRIVILEGED ACCOUNTS AND CREDENTIALS THAN EMPLOYEES! Microsoft Office 365 Administrator On Premise Employees/Partners Systems Admins Network Admins DB Admins Application Admins Apps VMware Administrator AWS Administrator Public Cloud Employees Systems/NW/DB/Applic ation Admins INTERNET Partners Systems/NW/DB/Application Admins Hacker Malware/APT Apps
17 How CA Manages Privileged Accounts
18 Addressing Security and Compliance Risks With Privileged Access Management STOP TARGETED ATTACKS MITIGATE INSIDER THREATS ACHIEVE & SUSTAIN COMPLIANCE IMPROVE EFFICIENCIES SECURE THE HYBRID ENTERPRISE
19 CA Privileged Access Manager Privileged Account Management for the Hybrid Enterprise Traditional Data Center Software Defined Data Center HYBRID ENTERPRISE Public Cloud - IaaS SaaS Applications Mainframe, Windows, Linux, Unix, Networking Enterprise Admin Tools SDDC Console and APIs Cloud Console and APIs SaaS Consoles and APIs A New Security Layer - Control and Audit All Privileged Access Vault Credentials for Users and Apps Centralized Authentication Federated Identity Privileged Single Sign-on Identity Integration Role-Based Access Control Monitor and Enforce Policy Record Sessions and Metadata Full Attribution Unified Policy Management CA Privileged Access Manager Enterprise-Class Core Hardware Appliance OVA Virtual Appliance AWS AMI
20 CA Privileged Access Manager in Action HYBRID CLOUD ENVIRONMENT Public Cloud Vault & Manage Credentials Positively Authenticate Users Restrict Access to Authorized Systems Federate Identity and Attributes (SSO) Monitor and Enforce Policy Record Sessions and Metadata Attribute Identity for Shared Accounts Private Cloud Integrated Controls and Unified Policy Management Traditional Data Center
21 Meaningful Gaps Enterprises Defenses are Static Compromised accounts Privileged access and insiders Untrusted end points Provisioning Provide new users with access to resources Authentication Validate identity when access requested Bad guys exploit this gap to their advantage Privileged Access Limit admin and system control access Identity & Access Management Manage and report on access provided SIEM IDS Enterprise security solutions don t adapt based on behavior how data is accessed, used or misused AWS
22 Threat Analytics Fills the Security Gap Enabling privileged access management with analytics Analytics enable security Continuous behavior monitoring of how valuable assets are accessed and used Mathematical models of individual entities detect behavior variations Same approach used in credit card security Automated triggering of adaptive controls to mitigate risk and limit damage Provide insight into risk, past activities and system operations CA is a market leader in providing data science based fraud analytics to banks
23 Threat Analytics for PAM Powerful analytic capabilities delivered in an easy-to-deploy, easy-to-use solution Raw data Advanced analytics Entity - relationship mapping Intuitive risk decisions & automated mitigations Focus on domain specific contextual data for PAM, initially authentication & connection events Future integration with other CA products (and their data) enable effortless and accurate access to event data System extracts critical information about activities and environment Locations System access Devices Sensitivity Behavior captured and modeled for fast evaluation Changes in model are evaluated to detect risk and malicious activity Trigger automated controls to mitigate risk Start a session recording Force a re-authentication Generate actionable alerts Enable context rich reporting
24 Threat Analytics for PAM Advanced Behavior Analytics and Automated Mitigation Advanced Capabilities Automated detection, mitigation and alerting for critical threats that complements existing PAM, SIEM and SOC workflows and provide continuous intelligent monitoring Advanced behavior analytics enable enterprise to detect attacks using same approach used by banks to defeat credit card fraud - using historic and real-time activity to assess context and analyze risk Integrated risk mitigations and controls, including triggering session recording and re-authentication, close the door on insiders and attackers. Compelling Benefits Reduced risk - automated analytics provide both threat detection and contextual rich view of user behavior. Meaningful insight - simplifies risk mitigation, incident response and compliance provided via context rich user interfaces that expose and make it easy to access information regarding user, events and system activities. Quick time-to-value - Immediately delivers compelling user experience with human-understandable risk and insights Easy deployment - Deploys as single, virtual machine no special skills or significant effort required
25 Why CA?
26 Key CA Differentiators Scalability CA PAM requires only a pair of appliances to protect thousands of resources supporting upward of 4000 concurrent sessions. Competing solutions require multiple servers, supports far fewer concurrent sessions and is difficult and costly - to deploy. Quick Time-To-Value CA PAM is delivered as an appliance that can be installed in hours, compared to the weeks it takes to install and configure multiple servers with competing products. This means you can be up and running quickly, gain rapid time to protection across your hybrid enterprise, and relish ease of administration. Defense-In-Depth Only CA can offer a comprehensive solution for privileged access management, delivering both the broad protection and simplified deployment of a network-based solution, and the fine-grained protections enabled by a host-based product. Unlike other vendors, CA supports the needs of the enterprise today and in the future.
27 Why CA - Footprint Comparison of Leading Solutions Which infrastructure would you rather deploy, maintain and support? Competitor 1 Competitor 2 CA PAM Cluster CA PAM Components for 1500 Servers
28 What Others Are Saying Testimonial With CA Privileged Access Manager, we have greater visibility into the activities of our privileged users. In addition, we have significantly reduced our risks from insider threats. - Michael Nawrocki, Senior IT Architect, Telesis Corporation Testimonial The access control component is solid. It adds another layer of security from the basic OS security of Linux and Windows. - Quote from a review of CA Privileged Access Manager via IT Central Station TECHVALIDATE RESULTS 86% of surveyed IT organizations have significantly improved their confidence in protecting against breaches with CA Privileged Access Manager 88% of surveyed IT organizations were able to reduce security and compliance risks by more than 50% with CA Privileged Access Manager 90% of surveyed IT organizations addressed audit and compliance demands associated with controlling and managing privileged access with CA Privileged Access Manager
29 Recommendations
30 Recommendations Develop a privileged access management program Begin with the end in mind Include all privileged users Include all privileged access On-prem, cloud, SaaS, SDDN Include session recording Incorporate 2FA/MFA Automate analytics and event handling Prioritize highest risk access first Turn program into an advantage for administrators 30
31 Thank you
32 Alan Hrabinski Senior Security Strategist
33 Legal All trademarks, trade names, service marks and logos referenced herein belong to their respective companies. This document is for your informational purposes only. CA assumes no responsibility for the accuracy or completeness of the information. To the extent permitted by applicable law, CA provides this document as is without warranty of any kind, including, without limitation, any implied warranties of merchantability, fitness for a particular purpose, or noninfringement. In no event will CA be liable for any loss or damage, direct or indirect, from the use of this document, including, without limitation, lost profits, business interruption, goodwill or lost data, even if CA is expressly advised in advance of the possibility of such damages. CA does not provide legal advice. Neither this document nor any CA software product referenced herein shall serve as a substitute for your compliance with any laws (including but not limited to any act, statute, regulation, rule, directive, policy, standard, guideline, measure, requirement, administrative order, executive order, etc. (collectively, Laws )) referenced in this document. You should consult with competent legal counsel regarding any Laws referenced herein.
Managing Your Privileged Identities: The Choke Point of Advanced Attacks
Managing Your Privileged Identities: The Choke Point of Advanced Attacks Shirief Nosseir EMEA Alliances Director Identity & API Management Tuesday, 16 May 2017 Agenda Why Privileged Access Management Why
More informationUsing Threat Analytics to Protect Privileged Access and Prevent Breaches
Using Threat Analytics to Protect Privileged Access and Prevent Breaches Under Attack Protecting privileged access and preventing breaches remains an urgent concern for companies of all sizes. Attackers
More informationOverview. Business value
PRODUCT SHEET CA Top Secret for z/vse CA Top Secret for z/vse CA Top Secret for z/vse provides innovative and comprehensive security for business transaction environments which enable your business to
More informationProtect Your Data the Way Banks Protect Your Money
Protect Your Data the Way Banks Protect Your Money A New Security Model Worth Understanding and Emulating Enterprise security traditionally relied on a fortress strategy that locked down user endpoints
More informationKeep the Door Open for Users and Closed to Hackers
Keep the Door Open for Users and Closed to Hackers A Shift in Criminal Your Web site serves as the front door to your enterprise for many customers, but it has also become a back door for fraudsters. According
More informationGDPR How we can help. Solvit Networks CA. ALL RIGHTS RESERVED.
GDPR How we can help Solvit Networks 01.11.2017 2016 CA. ALL RIGHTS RESERVED. GDPR The facts The General Data Protection Regulation (GDPR) applies to all companies trading in the EU and processing personal
More informationGDPR: An Opportunity to Transform Your Security Operations
GDPR: An Opportunity to Transform Your Security Operations McAfee SIEM solutions improve breach detection and response Is your security operations GDPR ready? General Data Protection Regulation (GDPR)
More informationSecuring Privileged Access and the SWIFT Customer Security Controls Framework (CSCF)
Securing Privileged Access and the SWIFT Customer Security Controls Framework (CSCF) A Guide to Leveraging Privileged Account Security to Assist with SWIFT CSCF Compliance Table of Contents Executive Summary...
More informationSecurity Readiness Assessment
Security Readiness Assessment Jackson Thomas Senior Manager, Sales Consulting Copyright 2015 Oracle and/or its affiliates. All rights reserved. Cloud Era Requires Identity-Centric Security SaaS PaaS IaaS
More information5 OAuth Essentials for API Access Control
5 OAuth Essentials for API Access Control Introduction: How a Web Standard Enters the Enterprise OAuth s Roots in the Social Web OAuth puts the user in control of delegating access to an API. This allows
More informationTeradata and Protegrity High-Value Protection for High-Value Data
Teradata and Protegrity High-Value Protection for High-Value Data 12.16 EB7178 DATA SECURITY Table of Contents 2 Data Centric Security: Providing High-Value Protection for High-Value Data 3 Visibility:
More informationPasswords Are Dead. Long Live Multi-Factor Authentication. Chris Webber, Security Strategist
Passwords Are Dead Long Live Multi-Factor Authentication Chris Webber, Security Strategist Copyright 2015 Centrify Corporation. All Rights Reserved. 1 Threat Landscape Breach accomplished Initial attack
More informationSIEM Solutions from McAfee
SIEM Solutions from McAfee Monitor. Prioritize. Investigate. Respond. Today s security information and event management (SIEM) solutions need to be able to identify and defend against attacks within an
More informationSYMANTEC DATA CENTER SECURITY
SYMANTEC DATA CENTER SECURITY SYMANTEC UNIFIED SECURITY STRATEGY Users Cyber Security Services Monitoring, Incident Response, Simulation, Adversary Threat Intelligence Data Threat Protection Information
More informationCipherCloud CASB+ Connector for ServiceNow
ServiceNow CASB+ Connector CipherCloud CASB+ Connector for ServiceNow The CipherCloud CASB+ Connector for ServiceNow enables the full suite of CipherCloud CASB+ capabilities, in addition to field-level
More informationPrivilege Security & Next-Generation Technology. Morey J. Haber Chief Technology Officer
Privilege Security & Next-Generation Technology Morey J. Haber Chief Technology Officer mhaber@beyondtrust.com Agenda The Next-Gen Threat Landscape o Infomatics, Breaches & the Attack Chain o Securing
More informationEnhancing the Cybersecurity of Federal Information and Assets through CSIP
TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3
More informationSOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK
RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK KEY BENEFITS AT A GLANCE Ensure your journey to the cloud is secure and convenient, without compromising either. Drive business agility
More informationProtecting Against Modern Attacks. Protection Against Modern Attack Vectors
Protecting Against Modern Attacks Protection Against Modern Attack Vectors CYBER SECURITY IS A CEO ISSUE. - M C K I N S E Y $4.0M 81% >300K 87% is the average cost of a data breach per incident. of breaches
More informationSkybox Security Vulnerability Management Survey 2012
Skybox Security Vulnerability Management Survey 2012 Notice: This document contains a summary of the responses to a June 2012 survey of 100 medium to large enterprise organizations about their Vulnerability
More informationCyberArk Privileged Threat Analytics
CyberArk Privileged Threat Analytics Table of Contents The New Security Battleground: Inside Your Network 3 Privileged account security 3 Collect the right data 4 Detect critical threats 5 Alert on critical
More informationCA Cloud Service Delivery Platform
CA Cloud Service Delivery Platform Shut Down and Restart Appliances Release 1.1 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred
More informationpvs Release Notes All series
pvs Release Notes All series CA Nimsoft Monitor Copyright Notice This online help system (the "System") is for your informational purposes only and is subject to change or withdrawal by CA at any time.
More informationBest Practices in Securing a Multicloud World
Best Practices in Securing a Multicloud World Actions to take now to protect data, applications, and workloads We live in a multicloud world. A world where a multitude of offerings from Cloud Service Providers
More informationIBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan
IBM Cloud Security for the Cloud Amr Ismail Security Solutions Sales Leader Middle East & Pakistan Today s Drivers for Cloud Adoption ELASTIC LOWER COST SOLVES SKILLS SHORTAGE RAPID INNOVATION GREATER
More informationCA Nimsoft Monitor. Probe Guide for DHCP Server Response Monitoring. dhcp_response v3.2 series
CA Nimsoft Monitor Probe Guide for DHCP Server Response Monitoring dhcp_response v3.2 series Legal Notices This online help system (the "System") is for your informational purposes only and is subject
More informationHIPAA Regulatory Compliance
Secure Access Solutions & HIPAA Regulatory Compliance Privacy in the Healthcare Industry Privacy has always been a high priority in the health profession. However, since the implementation of the Health
More informationRSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief
RSA Solution Brief The RSA Solution for VMware View: Managing Securing the the Lifecycle Virtual of Desktop Encryption Environment Keys with RSA Key Manager RSA Solution Brief 1 According to the Open Security
More information1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7
1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7 ORACLE PRODUCT LOGO 20. oktober 2011 Hotel Europa Sarajevo Platform
More informationCA Security Management
CA Security CA Security CA Security In today s business environment, security remains one of the most pressing IT concerns. Most organizations are struggling to protect an increasing amount of disparate
More informationForeScout ControlFabric TM Architecture
ForeScout ControlFabric TM Architecture IMPROVE MULTI-VENDOR SOLUTION EFFECTIVENESS, RESPONSE AND WORKFLOW AUTOMATION THROUGH COLLABORATION WITH INDUSTRY-LEADING TECHNOLOGY PARTNERS. The Challenge 50%
More informationthe SWIFT Customer Security
TECH BRIEF Mapping BeyondTrust Solutions to the SWIFT Customer Security Controls Framework Privileged Access Management and Vulnerability Management Table of ContentsTable of Contents... 2 Purpose of This
More informationCA Cloud Service Delivery Platform
CA Cloud Service Delivery Platform Incident Manager Release 1.1 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationData Privacy and Protection GDPR Compliance for Databases
Data Privacy and Protection GDPR Compliance for Databases Walo Weber, Senior Sales Engineer September, 2016 Agenda GDPR: who, what, why, when Requirements for databases Discovery Classification Masking
More informationCA Cloud Service Delivery Platform
CA Cloud Service Delivery Platform Monitor Performance Release 1.1 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationNOTHING IS WHAT IT SIEMs: COVER PAGE. Simpler Way to Effective Threat Management TEMPLATE. Dan Pitman Principal Security Architect
NOTHING IS WHAT IT SIEMs: COVER PAGE Simpler Way to Effective Threat Management TEMPLATE Dan Pitman Principal Security Architect Cybersecurity is harder than it should be 2 SIEM can be harder than it should
More informationCyber-Threats and Countermeasures in Financial Sector
Michael Mavroforakis, PhD Group CISO & CDO SEV: Workshop on Digital Enablers (Cloud & Cybersecurity) 27th March 2018 Agenda: CYBERSECURITY Potential Targets Attack Examples Insider vs Outsider Threats
More informationCA Cloud Service Delivery Platform
CA Cloud Service Delivery Platform Problem Manager Release 1.1 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationBuilding a Business Case for Cyber Threat Intelligence. 5Reasons Your. Organization Needs a Risk-Based 5Approach to Cybersecurity
Building a Business Case for Cyber Threat Intelligence 5Reasons Your Organization Needs a Risk-Based 5Approach to Cybersecurity 5 Reasons for a Risk-Based Approach to Cybersecurity The Bad Guys are Winning
More informationSOLUTIONS BRIEFS. ADMINISTRATION (Solutions Brief) KEY SERVICES:
(Solutions Brief) An integrated cybersecurity Administration solution for securing any Large Enterprise. The Industry s most complete protection for the Large Enterprise and Cloud Deployments. KEY SERVICES:
More informationSIEM: Five Requirements that Solve the Bigger Business Issues
SIEM: Five Requirements that Solve the Bigger Business Issues After more than a decade functioning in production environments, security information and event management (SIEM) solutions are now considered
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationClosing the Biggest Security Hole in Web Application Delivery
WHITE PAPER JANUARY 2014 Closing the Biggest Security Hole in Web Application Delivery Addressing Session Hijacking with CA SiteMinder Enhanced Session Assurance with DeviceDNA Martin Yam CA Security Management
More informationCA Cloud Service Delivery Platform
CA Cloud Service Delivery Platform Configuration Manager Release 1.1 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationIT infrastructure layers requiring Privileged Identity Management
White Paper IT infrastructure layers requiring Privileged Identity Management Abstract Much of today s IT infrastructure is structured as different layers of devices (virtual and physical) and applications.
More information10 FOCUS AREAS FOR BREACH PREVENTION
10 FOCUS AREAS FOR BREACH PREVENTION Keith Turpin Chief Information Security Officer Universal Weather and Aviation Why It Matters Loss of Personally Identifiable Information (PII) Loss of Intellectual
More informationCrash course in Azure Active Directory
Crash course in Azure Active Directory Crash course in Azure Active Directory Competing today requires a focus on digital transformation and empowering everyone to be creative and work together securely.
More informationWHITE PAPER AUTHENTICATION YOUR WAY SECURING ACCESS IN A CHANGING WORLD
WHITE PAPER AUTHENTICATION YOUR WAY SECURING ACCESS IN A CHANGING WORLD Imagine that you re a CISO in charge of identity and access management for a major global technology and manufacturing company. You
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationSailPoint IdentityIQ Integration with the BeyondInsight Platform. Providing Complete Visibility and Auditing of Identities
SailPoint IdentityIQ Integration with the BeyondInsight Platform Providing Complete Visibility and Auditing of Identities Table of Contents Executive Summary... 3 Identity and Access Management... 5 BeyondTrust
More informationSecure & Unified Identity
Secure & Unified Identity for End & Privileged Users Copyright 2015 Centrify Corporation. All Rights Reserved. 1 Key Point #1: Perimeter is Dissolving Making Identity Matter Most You must plant a strong
More informationCA SSO. Agent for Oracle PeopleSoft Release Notes. r12.51
CA SSO Agent for Oracle PeopleSoft Release Notes r12.51 This Documentation, which includes embedded help systems and electronically distributed materials (hereinafter referred to as the Documentation ),
More informationBRM Accelerator Release Notes - On Premise. Service Pack
BRM Accelerator Release Notes - On Premise Service Pack 03.0.02 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationSecuring Today s Mobile Workforce
WHITE PAPER Securing Today s Mobile Workforce Secure and Manage Mobile Devices and Users with Total Defense Mobile Security Table of Contents Executive Summary..................................................................................
More informationCA ERwin Data Profiler
PRODUCT BRIEF: CA ERWIN DATA PROFILER CA ERwin Data Profiler CA ERWIN DATA PROFILER HELPS ORGANIZATIONS LOWER THE COSTS AND RISK ASSOCIATED WITH DATA INTEGRATION BY PROVIDING REUSABLE, AUTOMATED, CROSS-DATA-SOURCE
More informationWhite Paper. How to Write an MSSP RFP
White Paper How to Write an MSSP RFP https://www.solutionary.com (866) 333-2133 Contents 3 Introduction 3 Why a Managed Security Services Provider? 5 Major Items to Consider Before Writing an RFP 5 Current
More informationCA Cloud Service Delivery Platform
CA Cloud Service Delivery Platform Service Problems and Faults Release 1.1 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as
More information2017 Varonis Data Risk Report. 47% of organizations have at least 1,000 sensitive files open to every employee.
2017 Varonis Data Risk Report 47% of organizations have at least 1,000 sensitive files open to every employee. An Analysis of the 2016 Data Risk Assessments Conducted by Varonis Assessing the Most Vulnerable
More informationPrivileged Account Security: A Balanced Approach to Securing Unix Environments
Privileged Account Security: A Balanced Approach to Securing Unix Environments Table of Contents Introduction 3 Every User is a Privileged User 3 Privileged Account Security: A Balanced Approach 3 Privileged
More informationCA GovernanceMinder. CA IdentityMinder Integration Guide
CA GovernanceMinder CA IdentityMinder Integration Guide 12.6.00 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationThe Honest Advantage
The Honest Advantage READY TO CHALLENGE THE STATUS QUO GSA Security Policy and PCI Guidelines The GreenStar Alliance 2017 2017 GreenStar Alliance All Rights Reserved Table of Contents Table of Contents
More informationCA Cloud Service Delivery Platform
CA Cloud Service Delivery Platform Demand Manager Release 1.1 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationSecuring Digital Transformation
September 4, 2017 Securing Digital Transformation DXC Security Andreas Wuchner, CTO Security Innovation Risk surface is evolving and increasingly complex The adversary is highly innovative and sophisticated
More informationSECURING DEVICES IN THE INTERNET OF THINGS
SECURING DEVICES IN THE INTERNET OF THINGS EXECUTIVE SUMMARY Security breaches at the device level in the Internet of Things (IoT) can have severe consequences, including steep financial losses, damage
More informationCA Nimsoft Monitor. Probe Guide for iseries Job Monitoring. jobs v1.3 series
CA Nimsoft Monitor Probe Guide for iseries Job Monitoring jobs v1.3 series Contact CA Contact CA Support For your convenience, CA Technologies provides one site where you can access the information that
More informationSOLUTION BRIEF NETWORK OPERATIONS AND ANALYTICS. How Can I Predict Network Behavior to Provide for an Exceptional Customer Experience?
SOLUTION BRIEF NETWORK OPERATIONS AND ANALYTICS How Can I Predict Network Behavior to Provide for an Exceptional Customer Experience? SOLUTION BRIEF CA DATABASE MANAGEMENT FOR DB2 FOR z/os DRAFT When used
More informationSECURING DEVICES IN THE INTERNET OF THINGS
SECURING DEVICES IN THE INTERNET OF THINGS WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY Security breaches at the device level in the Internet of Things (IoT) can have severe consequences, including
More informationCloud Customer Architecture for Securing Workloads on Cloud Services
Cloud Customer Architecture for Securing Workloads on Cloud Services http://www.cloud-council.org/deliverables/cloud-customer-architecture-for-securing-workloads-on-cloud-services.htm Webinar April 19,
More informationCyber Security Technologies
1 / Cyber Security Technologies International Seminar on Cyber Security: An Action to Establish the National Cyber Security Center Lisbon, 12 th September 2013 23 / Key highlights - Thales Group Thales
More informationDEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise
DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS Security Without Compromise CONTENTS INTRODUCTION 1 SECTION 1: STRETCHING BEYOND STATIC SECURITY 2 SECTION 2: NEW DEFENSES FOR CLOUD ENVIRONMENTS 5 SECTION
More informationEXECUTIVE VIEW. One Identity SafeGuard 2.0. KuppingerCole Report
KuppingerCole Report EXECUTIVE VIEW by Martin Kuppinger August 2017 One Identity SafeGuard 2.0 One Identity SafeGuard 2.0 is a re-architected, modular solution for Privilege Management, supporting both
More informationCyber Risks in the Boardroom Conference
Cyber Risks in the Boardroom Conference Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks
More informationCloudSOC and Security.cloud for Microsoft Office 365
Solution Brief CloudSOC and Email Security.cloud for Microsoft Office 365 DID YOU KNOW? Email is the #1 delivery mechanism for malware. 1 Over 40% of compliance related data in Office 365 is overexposed
More informationBig Brother is Watching Your Big Data: z/os Actions Buried in the FISMA Security Regulation
Big Brother is Watching Your Big Data: z/os Actions Buried in the FISMA Security Regulation Bill Valyo CA Technologies February 7, 2013 Session #12765 Quick Abstract: About this Presentation This presentation
More informationZero Trust in Healthcare Centrify Corporations. All Rights Reserved.
Zero Trust in Healthcare 1 CYBER OFFENSE REDEFINED: TRANSFORM YOUR SECURITY POSTURE WITH ZERO TRUST 2 What Keeps CIOs Up at Night? How exposed are we, anyway? Who can access what? Can we trust our partners?
More informationTRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. John McDonald
TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE John McDonald 1 What is Trust? Can I trust that my assets will be available when I need them? Availability Critical Assets Security Can I trust
More information6 Key Use Cases for Securing Your Organization s Cloud Workloads. 6 Key Use Cases for Securing Your Organization s Cloud Workloads
6 Key Use Cases for Securing Your Organization s Cloud Workloads 1 6 Key Use Cases for Securing Your Organization s Cloud Workloads Table of Contents Introduction: The Continuing Rise of Cloud Adoption
More informationCSN38: Tracking Privileged User Access within an ArcSight Logger and SIEM Environment Philip Lieberman, President and CEO
CSN38: Tracking Privileged User Access within an ArcSight Logger and SIEM Environment Philip Lieberman, President and CEO 2009 by Lieberman Software Corporation. Rev 20090921a Identity Management Definitions
More informationThe Top 6 WAF Essentials to Achieve Application Security Efficacy
The Top 6 WAF Essentials to Achieve Application Security Efficacy Introduction One of the biggest challenges IT and security leaders face today is reducing business risk while ensuring ease of use and
More informationEXECUTIVE VIEW. KuppingerCole Report
KuppingerCole Report EXECUTIVE VIEW by Martin Kuppinger August 2017 is a mature enterprise-class offering for Privilege Management, supporting the key areas of the market such as Shared Account and Privileged
More informationIBM Security Access Manager
IBM Access Manager Take back control of access management with an integrated platform for web, mobile and cloud Highlights Protect critical assets with risk-based and multi-factor authentication Secure
More informationComune della Spezia protects service continuity with integrated backup and replication from CA Technologies
CUSTOMER SUCCESS STORY Comune della Spezia protects service continuity with integrated backup and replication from CA Technologies CLIENT PROFILE Industry: Local government Company: Municipality of La
More informationarcserve r16.5 Hybrid data protection
arcserve r16.5 Hybrid data protection Whether you re protecting the data center, remote offices or desktop resources, you need a solution that helps you meet today s demanding service-level agreements
More informationCA Nimsoft Service Desk
CA Nimsoft Service Desk Enabling Email Integration 6.2.6 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationTransforming Security from Defense in Depth to Comprehensive Security Assurance
Transforming Security from Defense in Depth to Comprehensive Security Assurance February 28, 2016 Revision #3 Table of Contents Introduction... 3 The problem: defense in depth is not working... 3 The new
More informationCA IT Client Manager. Release Notes. Release 12.8
CA IT Client Manager Release Notes Release 12.8 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is for
More informationSOLUTION BRIEF HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE
HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE PREPARATION FOR GDPR IS ESSENTIAL The EU GDPR imposes interrelated obligations for organizations handling
More informationSecuring Your Cloud Introduction Presentation
Securing Your Cloud Introduction Presentation Slides originally created by IBM Partial deck derived by Continental Resources, Inc. (ConRes) Security Division Revision March 17, 2017 1 IBM Security Today
More informationAKAMAI CLOUD SECURITY SOLUTIONS
AKAMAI CLOUD SECURITY SOLUTIONS Whether you sell to customers over the web, operate data centers around the world or in the cloud, or support employees on the road, you rely on the Internet to keep your
More informationCybersecurity Today Avoid Becoming a News Headline
Cybersecurity Today 2017 Avoid Becoming a News Headline Topics Making News Notable Incidents Current State of Affairs Common Points of Failure Three Quick Wins How to Prepare for and Respond to Cybersecurity
More informationWhite Paper. The North American Electric Reliability Corporation Standards for Critical Infrastructure Protection
White Paper The North American Electric Reliability Corporation Standards for Critical Infrastructure Protection February, 2017 Introduction The North American Electric Reliability Corporation (NERC) maintains
More informationIntegrated Access Management Solutions. Access Televentures
Integrated Access Management Solutions Access Televentures Table of Contents OVERCOMING THE AUTHENTICATION CHALLENGE... 2 1 EXECUTIVE SUMMARY... 2 2 Challenges to Providing Users Secure Access... 2 2.1
More informationSurprisingly Successful: What Really Works in Cyber Defense. John Pescatore, SANS
Surprisingly Successful: What Really Works in Cyber Defense John Pescatore, SANS 1 Largest Breach Ever 2 The Business Impact Equation All CEOs know stuff happens in business and in security The goal is
More informationMcAfee Database Security
McAfee Database Security Sagena Security Day 6 September 2012 September 20, 2012 Franz Hüll Senior Security Consultant Agenda Overview database security DB security from McAfee (Sentrigo) VMD McAfee Vulnerability
More informationForensics for Privileged Users. Raman Dadoo Advisor, Solution Strategy
Forensics for Privileged Users Raman Dadoo Advisor, Solution Strategy Privileged identities pose a particularly significant threat to network and data security The Problem With Privileged Identities All-Powerful
More informationCA ARCserve Backup for Windows
CA ARCserve Backup for Windows Release Summary r12.5 This documentation and any related computer software help programs (hereinafter referred to as the Documentation ) is for the end user s informational
More informationISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045
Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence that
More informationSecuring Devices in the Internet of Things
AN INTEL COMPANY Securing Devices in the Internet of Things WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY Security breaches at the device level in the Internet of Things (IoT) can have severe
More informationCA Workload Automation Agent for Databases
CA Workload Automation Agent for Databases Release Notes r11.3.4 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationCloud Computing: Is it safe for you and your customers? Alex Hernandez DefenseStorm
Presentation Title Cloud Computing: Is it safe for you and your customers? Alex Hernandez DefenseStorm Background A career of helping companies integrate new technologies into their existing infrastructure
More information