Transcription
THYCOTICPRIVILEGED ACCESS MANAGEMENT
More 5-star reviews than any other PAM vendorAgility &SecurityPerformance &Requires Less,AdoptionEase of UseCovers MoreSkyrocketsWe are very pleased withThycotic is 100% better thanAdoption has been organicperformance and ease ofCyberArk at a fraction of thewithout a need to stronglyuse, especially compared tocost. And requires a smallerpush the tool. It’s intuitive,the product it will replace.footprint and covers morerequiring very little training tocompliance requirements.get our teams up and running.CISO, FINANCE INDUSTRYIT SPECIALIST, SERVICE INDUSTRYINFOSEC MANAGER, SERVICE INDUSTRYTotalCost ofOwnership
PRIVILEGED ACCOUNTSWhat is a privileged account? Non or human accounts used by IT staff which often haveunfettered access to critical data and systems i.e. DomainAdmin, root. Exist everywhere in nearly every connected device, server,hypervisor, OS, DB, or application: on-premises & cloud. Represent one of the most vulnerable aspects of anorganization’s IT infrastructure.
Accounts and Password s usage today. Zsolt, 22 Years old, IT Administatorresponsible for 80 Servers and 260 Workstations Can t remember Passwords longer than 10 chars Is responsible for 500 Service Accounts within the organisation (Windows, Unix, IBM, Cloud) Uses usually same Passwords on all accounts he needs to manage Stores them in a secret location in a plain text document Changes usually every 2 Years CompaniesZsolt also manages this cloud services and required Admin pboxEgnyteAzureAmazon AWSPhoenixNAP
ROI and Time SavingZsolt s company implemented Thycotic PAM and now he canManage all privileged accounts in one interfaceDiscover all unknown privileged accountsSetup secure encrypted vault, permissions, users and structureStore and Rotate sensitive acounts within Secret ServerImplement RBAC, Access Requests, and other controlsHe can now work with: Session launchingSession proxyingSession monitoringSession recordingImplement least Privilege Access accross his organisation withoutspending much time on administrative tasks
PAM: Without ThycoticVirtual ServersWindows AdminsUnix / Linux ServersWhy PAM Security isDifficultDifferent-Systems,Unix Admins- Environments,- Applications- RolesIseries MainframesDBAszSeries Mainframes- Databases- RolesWindows ServersVM AdminsDatabases- DevicesApplicationsDifferent Roles needdifferentaccessEmployees need differentaccess to different dataExternal VendorsNetwork DevicesBusiness ApplicationsSecurity AppliancesWebsite / Web AppsCloud or on premiseAuditor
PAM: Without Thycotic nowWindows AdminsVirtual ServersUnix / Linux ServersUnix AdminsWindows ServersIseries MainframesDBAszSeries MainframesVM AdminsExternal VendorsDatabasesApplicationsNetwork DevicesBusiness ApplicationsAuditorSecurity AppliancesWebsite / Web Apps
PAM: With ThycoticVirtual Servers Automatic identification ofprivileged account risk Continuous monitoring ofsuspicious behavior andsecure storage of privilegedaccounts Real-time detection, alertingand response to maliciousprivileged account activityEnforcement of leastprivilege through applicationcontrolWindows AdminsUnix / Linux ServersUnix AdminsWindows ServersIseries MainframesDBAszSeries MainframesVM AdminsDatabasesApplicationsExternal VendorsNetwork DevicesBusiness ApplicationsSecurity AppliancesWebsite / Web AppsAuditor
Current remote working is not like “Homeoffice”was before People now work Remote which never worked from home Distraction at home much higher than usually (Children etc.) People not trained and aware about issues at home Setup of Remote workers was done quick and in hurry People and Equipment went out of the Perimeter without longsecurity planning Private Home Internet Connection mainly used Given access rights for Remote workers often too high
To do something without proper planningis always a security risk Forgotten Details? Configuration changes in AD Configurations on Firewalls Forgotten Webfiltering (usually internal proxy) Missing Remote Management and Support solution? No Endpoint Security or DLP solution? Windows Firewall configuration? Backup concept?
VPN – Virtual Private NetworkNetworkDistributedEngineS E C R E TS E R V E RThe Internet
The Challenge: Traditional PAM can miss Privileged AccountsUnder-the-radar service accounts“These privileged credentials are usually notBusiness Usersinventoried, changed, or controlled, meaning thathackers can use them to gain easy access tobusiness-critical applications.” – ForresterExternal VendorsWindows AdminsCloud infrastructure“ The explosion of cloud services has drivenUnix Adminsproliferation of privileged accounts and credentialsto a state that, for most organizations, isunmanageable without processes and tools“ – GartnerApplicationsServicesDevOps CI/CD pipelines“ Instances of hard-coded credentials, vOpsEndpointsOp TechOTDOMAINappearing in source code repositories, no credentialrotation or highly fragmented approaches tocredential vaulting these challenges represent risk“– Gartner
Usability is so central to building security thatworks in the real world - not just on paper - thatno savvy organisation can afford to ignore it.The only good security is usable security.Security and Usability: You CAN Have It All!
35 IndustryAwards in2019
Thycotic is 100% better than CyberArk at a fraction of the cost. And requires a smaller footprint and covers more compliance requirements. IT SPECIALIST, SERVICE INDUSTRY Adoption Skyrockets Adoption has been organic without a need to strongly push the tool. It’s intuitive, requir
