Privileged Identity Management Enterprise Password Vault

Presentation transcript:

Privileged Identity Management Enterprise Password Vault

Privileged Password Management – Agenda
- Privileged Users 101
- What are privileged users
- The Challenge
- Common Practices and the Risks Involved
- Drivers: Regulations and Internal Breaches
- Business and Technical Requirements
- Cyber-Ark Enterprise Password Vault
- Technology
- Architecture
- Benefits
- Demonstration
- Q&A

Identity Management – Individual Users Component - Directories

LDAP/Identity Management Partners
The Password Vault can be integrated with any LDAP or identity management solution. Cyber-Ark has strategic partnerships with the companies below. Together, an organization will be able to manage both users and shared privileged accounts.

PIM - White Space for Major IAM Players

What Are Privileged Accounts?

Administrative Accounts (Shared)
- Predefined: UNIX root, Cisco enable, DBA accounts, Windows domain, etc.
- Owned by the system: not owned by any person or "identity"
- Shared: Help Desk, Fire-call, Operations, Emergency, Legacy applications, Developer accounts

Application Accounts
- Hard-coded, embedded: Resource (DB) IDs, Generic IDs, Batch jobs, Testing Scripts, Application IDs
- Service Accounts: Windows Service Accounts, Scheduled Tasks

Personal Computer Accounts
- Windows Local administrator: Desktops, Laptops

Privileged Accounts Today

Common practices:
- Storage: Excel spreadsheets, physical safes, sticky notes, locked drawers, memorizing, hard-coded in applications and services
- Resets: handled by designated IT members, call centers, mostly manual
- Known to: IT staff, network operations, help desk, desktop support, developers

Common problems:
- Widely known, no accountability
- Unchanged passwords
- Lost passwords
- Same password across multiple systems
- Simplistic passwords – easy to remember
- Passwords not available when needed

Key Business Drivers
[Diagram labels: Regulatory Compliance (Sarbanes Oxley, PCI, BS7799 etc.); Auditing and Reporting; Control; Segregation of Duties; Proactive Improvement of Information Security Practices; Loss and Risk Prevention; Return on Investment; Administrative Password Management; Internal Breach; Efficiency and Productivity]

Mission Statement
Cyber-Ark Software is an Information Security company that develops and markets digital vaults for securing and managing highly-sensitive information within and across global enterprise networks.
[Diagram labels: Cyber-Ark Vault Server; LAN, WAN, INTERNET; Vault Safes (Local Drive or SAN); Auditing (Visual Security); Manual & Geographical Security; Access Control; Authentication; File Encryption; Firewall; Session Encryption]

Password Vault Architecture
1. Privileged users are defined to the Central Password Manager and a copy of their passwords is stored within the Vault.
2. The Central Password Manager periodically regenerates new passwords for all managed accounts on all relevant systems and/or Directory Servers and then stores a copy of the new passwords within the Vault.
3. An Administrator needs to perform an administrative task on any system or device. After authenticating to the Vault and passing relevant security checks, the specific password of the target account on the target system is retrieved.
4. The Administrator is now ready to log in to the target application or server.
[Diagram labels: Central Password Manager; Password Vault; Unix Servers; Windows Servers; Networking Devices; Directory Server; WAN; Desktops; Disaster Recovery Site; Main Frame]
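The four steps above, modelled as an added example (not Cyber-Ark code and not from the presentation). Target, Vault, the access list and the audit tuple layout are hypothetical names chosen here, and the caller is assumed to be already authenticated. Rotation changes the target system first and only then stores the new password, so a failed change never leaves the vault holding a password that does not work.

```python
import secrets
import string
from datetime import datetime, timezone

ALPHABET = string.ascii_letters + string.digits

class Target:
    """Constructed stand-in for a managed system holding one account's password."""
    def __init__(self, name, password, reachable=True):
        self.name, self.password, self.reachable = name, password, reachable

    def set_password(self, new):
        if not self.reachable:
            raise ConnectionError(f"{self.name} unreachable")
        self.password = new

class Vault:
    """Hypothetical in-memory model of the vault plus central password manager."""
    def __init__(self):
        self.secrets, self.acl, self.audit = {}, {}, []

    def _log(self, user, action, account, ok):
        self.audit.append((datetime.now(timezone.utc), user, action, account, ok))

    def onboard(self, target, allowed_users):        # step 1
        self.secrets[target.name] = target.password
        self.acl[target.name] = set(allowed_users)

    def rotate(self, target, length=24):             # step 2
        new = "".join(secrets.choice(ALPHABET) for _ in range(length))
        try:
            target.set_password(new)                 # change the target first
        except ConnectionError:
            self._log("cpm", "rotate", target.name, False)
            return False                             # vault copy stays valid
        self.secrets[target.name] = new              # then store the copy
        self._log("cpm", "rotate", target.name, True)
        return True

    def checkout(self, user, account):               # step 3
        ok = user in self.acl.get(account, ())
        self._log(user, "checkout", account, ok)     # denied attempts are logged too
        if not ok:
            raise PermissionError(f"{user} may not retrieve {account}")
        return self.secrets[account]                 # step 4: used to log in
```

Every retrieval, allowed or denied, lands in the audit list with the requesting user, which is the accountability that a shared password on a sticky note cannot provide.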

Application Passwords
- Scripts: Shell, Perl, Bat, Sqlplus…
- Applications: custom developed C/C++, COM, Java, .NET code
- Application Servers (WebSphere, WebLogic…)
- Products: IT Management, ETL tools (Informatica, etc…)

Hard-Coded Password Embedded in Code

source1.vbs

    ' ...
    ' The database password is hard-coded in the script
    UserName = "app"
    Password = "asdf"
    Host = "10.10.3.56"
    ConnectDatabase(Host, UserName, Password)
    ' Work with database

source1-new.vbs

    ' ...
    ' The password is retrieved from the Vault at run time instead
    UserName = "app"
    Password = PVToolKit("Vault.ini","User.ini","Safe","Root\Password")
    Host = "10.10.3.56"
    ConnectDatabase(Host, UserName, Password)
    ' Work with database
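One way to find scripts that still look like source1.vbs before migrating them, as an added example (not part of the presentation or of any Cyber-Ark tool). The function name, the variable-name patterns and the sample inputs are assumptions made here; the two inputs are the slide's snippets, retyped.

```python
import re

# Assignment to a variable whose name suggests a secret (VBScript "name = value").
ASSIGN = re.compile(r"(?i)^\s*(\w*(?:password|passwd|pwd|secret)\w*)\s*=\s*(.+?)\s*$")
# Right-hand side that begins with a quoted literal; slide exports often carry
# typographic quotes, so accept those as well as straight ones.
LITERAL = re.compile(r'^["“]([^"“”]*)["”]')

def find_hardcoded(source, filename):
    """Return (filename, line number, variable) for each literal secret assignment.
    The secret value itself is deliberately left out of the findings."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        if line.lstrip().startswith("'"):      # VBScript comment line
            continue
        m = ASSIGN.match(line)
        if not m:
            continue
        name, value = m.groups()
        lit = LITERAL.match(value)
        if lit and lit.group(1):               # ignore empty-string initialisers
            findings.append((filename, lineno, name))
    return findings

# Constructed inputs: the two snippets shown on the slide.
BEFORE = '''UserName = "app"
Password = "asdf"
Host = "10.10.3.56"
ConnectDatabase(Host, UserName, Password)'''

AFTER = r'''UserName = "app"
Password = PVToolKit("Vault.ini","User.ini","Safe","Root\Password")
Host = "10.10.3.56"
ConnectDatabase(Host, UserName, Password)'''

if __name__ == "__main__":
    for name, src in (("source1.vbs", BEFORE), ("source1-new.vbs", AFTER)):
        print(name, find_hardcoded(src, name))
```

The literal assignment in source1.vbs is reported by line and variable name only; the vault lookup in source1-new.vbs is not flagged because its right-hand side is a function call.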

Requirements for Privileged Accounts Management Solution
- Exceptionally secure solution for the keys of the kingdom
- Supreme performance, availability and disaster recovery due to its mission-critical nature
- Flexible distributed architecture to fit the enterprise's complex network topology
- Single standard solution for a multi-faceted problem
- Intuitive and robust interfaces

Thank You David Adamczyk Channel Sales Manager Cyber-Ark Software david.adamczyk@cyber-ark.com