Privileged Account Access:
Without it, You Don’t Have Security or Compliance
Privileged accounts are both a necessity and a liability. Administrative, Super User, Root, Fire Call, and other privileged accounts provide the nearly-unlimited access to system resources that is essential for everyday and emergency IT operations, yet auditors recognize that unmonitored, uncontrolled access to privileged accounts leaves an organization wide-open to privacy breaches, fraud, and identity theft that cannot be traced to any individual.
Fischer’s Privileged Account Access solves this problem by providing an automated framework for controlling access to privileged accounts based on account access policies and user attributes.
Fischer’s Privileged Account Access is the most efficient, effective, and fastest-to-deploy privileged account solution because it leverages the elements of your current provisioning environment: connectivity, policies, cross-domain and cross-enterprise capabilities, and more. Privileged Account Access closes the loop for your security and compliance initiatives.
Key Drivers
- Security
- Compliance
- Emergency Response
Challenges
- Delayed access to Fire Call accounts during off-hours
- Unable to prove to auditors which administrators had access to which privileged accounts, and when
- Exposure from passwords embedded in scripts
- Must be integrated with an Identity Management solution for accurate access privileges and lifecycle management
Fischer’s Solution
- Conveniently maintain a small pool of high-privilege accounts
- System owners establish policies and rules that control account access: least-privilege methodology ensures that users can view / request / relinquish only authorized resources
- Access requests are processed automatically based on system and user attributes: grant, deny, approve, revoke, escalate, etc.
- Enforce who can access any resource at any time
- Ensure that only one person can use an account at any time
- Automated password checkout process eliminates need for embedded passwords All HPA-related events become part of the corporate view of compliance: who accessed which accounts, for how long, what functions were needed, who approved access and why, and more.
- Integrate with Security Information Management (SIM) and Security Event Management (SEM) systems for enhanced security and compliance
Customer Benefits
- Eliminate major compliance and security risks
- Prevent material weaknesses due to inadequate access control procedures and excessive privileges
- Never store passwords
- Minimize the need to divulge the root password of a controlled system
- Leverage your exiting provisioning infrastructure: plugs-in to connectivity, policies, cross-domain and cross-enterprise capabilities, and more
|
