For many years I’ve stressed that having a high-integrity audit trail was the only control over all powerful admins and other privileged users and that an audit trail was only a detective/deterrent control – not a hard core preventive control. By this I mean you can use audit logs to potentially detect misuse or malicious activity by privileged users after the fact, and to deter privileged users from bad actions by leveraging their cognizance of the audit system.
Of course the problem with the audit trail approach is that it’s hard to detect abuse of privileged authority and when people are really angry they tend to ignore audit trails or look for ways around them. And in either case you still suffer the damages because you weren’t able to prevent the incident in the first place.
Today there is a class of privileged account management solutions that focus on providing a more proactive and preventive approach to managing the risks associated with privileged accounts. In this webinar I will show you the different methods these solutions use including:
· Proxy based administration for both AD and Unix worlds
· Terminal Services video recording
· Key stroke logging
· Privileged password management
· Implementing “choke points” for system administration
Compliance and litigation liability from data regulation is increasing. Horror stories of rogue admins abound. The vendor of a popular 2-factor authentication product widely used to secure privileged accounts reports a serious compromise of its systems. Today’s sophisticated attackers have much greater resources and a money driven motivation that yesterday’s teen hackers lacked. All of these dynamics make the risks of uncontrolled privileged accounts more critical than ever.
Learn how to protect privileged authority levels across your enterprise in this real training for free (TM) webinar. After my training session Jonathan Sander from Quest Software will showcase Quest’s new acquisition of eDMZ and demonstrate how their Total Privileged Access Management Suite dovetails with my session.