"Financial Service Technology America, today's latest financial news now..."
24 May 2011

Privileged Access Control: Do you know WHO logged in as Administrator and WHAT they did?

e-DMZ Security, LLC | www.e-dmzsecurity.com

Some of the most challenging regulatory and compliance auditor questions and issues focus around the control and audit of your most technically sophisticated and most privileged users – your system administrators, application administrators, network administrators, developers, IT managers and others.

These user accounts, including system-defined accounts for operating systems, network devices and databases, are part of every IT infrastructure, and sharing these privileged accounts is a necessary reality. Despite the obvious risk associated with granting privileged (or elevated) access, effective control and monitoring of these most powerful users has often been overlooked in favor of other security and compliance priorities. In many enterprises, those responsible for ensuring the appropriate level of control, monitoring and audit of privileged users are often themselves privileged users. As a result, existing ad-hoc and "process based" controls, which may be limited given today's regulatory and compliance focus, are viewed as "adequate" - after all, privileged users tend to trust themselves.

Financial service companies have a host of regulatory and compliance standards they must address, each with its own audit focus, from the Federal Financial Institutions Examination Council to Sarbanes-Oxley, Basel II, the Gramm-Leach-Bliley Act (GLBA) and the Payment Card Industry. Each, in its own way, stresses the requirement of controlling privileged users, passwords and access - some very specifically and others in broader terms. The Payment Card Industry Data Security Standard (PCI DSS), for example, requires "auditing of all privileged user activity", while the ISO 27001 IT security standard requires that "use of privileges shall be restricted and controlled". Add in the human auditor factor, each auditor with their own unique background and ever-changing "current area of audit focus", and it is easy to see why regulatory compliance is a constantly changing and dynamic battle for today's financial service enterprises. Where an auditor may focus on your control and management of shared administrative accounts today, next year the same audit will shift focus to the level of audit you have over privileged or remote vendors. Regulatory compliance as it relates to privileged user and access control is a moving target. For these reasons it is important to look beyond point solutions that may close a specific open audit issue - for example, delivering individual accountability over shared administrative accounts - towards a solution that offers a broad set of privileged user, account, access control and audit capabilities.

Managing these accounts and users with existing manual or internally developed processes is not the answer, since it is impossible to account for who is using the shared user-id. This creates opportunities for users to modify or delete data, and for accidental changes, which can cost an organization millions in damages as well as harm its brand reputation.

e-DMZ Security developed the Total Privileged Access Management (TPAM) suite to provide today's enterprise a unified, flexible and modular solution to meet all your privileged user, access control and audit requirements.

Unlike traditional privileged password management point product solutions, e-DMZ Security's Total Privileged Access Management (TPAM) Suite is a robust collection of integrated modular technologies designed specifically to meet the complex and growing compliance and security requirements associated with privileged identity management and privileged access control. Deployed in organizations ranging from many of the world's largest financial services enterprises to regional credit unions, TPAM is a proven market leader in resolving key regulatory and compliance issues for privileged access control.

The key modules that make up the TPAM Suite are:

Privileged Password Management: Secure storage, release control and change control of privileged passwords across a heterogeneous deployment of systems and applications is a requirement for all enterprises. Past internally developed solutions and procedures do not meet the needs driven by increased internal threats and compliance. The award-winning capabilities of our Password Auto Repository (PAR) provide the enterprise-class features, functions and scalability demanded by today's environment.

Application Password Management: Embedded, hard-coded accounts and passwords in scripts and/or applications are an often overlooked back-door security vulnerability in the enterprise. Through the robust CLI/API supported by PAR, these hard-coded passwords can be replaced with a simple call into PAR. In addition, with our optional Password Accelerator, we can support over 1,000 password requests per second to meet the needs of the most demanding high-frequency A2A or A2DB environments.

Privileged Session Management: From remote vendors to developer access to production or other privileged access requirements, the ability to control, audit, monitor and record access becomes more and more critical as companies converge internal resources and/or outsource. Our award-winning eGuardPost provides full session management and controls, including fine-grain resource access control, active session monitoring and full session recording in an unmatched size-efficient format for future replay.

Privileged Command Management: Most enterprises today are forced to do more with fewer and fewer resources. As a result, the need to provide restricted, delegated privileged access to key resources is growing. The unique configurable privileged command capabilities found in eGuardPost v2.2 support privileged access controls down to the command level. Not only are you able to control, record and monitor sessions - you can limit connections to a specific command for both Unix/Linux and Windows systems.

Recently named Best Regulatory and Compliance solution by SC Magazine Excellence Awards, TPAM delivers the level of security, control and audit demanded by today's increasing regulatory and compliance audit focus. Deployed in hundreds of banks, from the largest multi-national banks to regional banks and credit unions, TPAM is proven at all levels.

For more information and a copy of the Ovum Butler Group report on TPAM, please visit: http://www.e-dmzsecurity.com/usfst.html

