Protecting ALL the Privileged Accounts in Your Environment and the Cloud

Webinar Registration

You can't protect what you don't know exists. So before you launch into a privileged account lockdown project you need to start with really understanding how many such accounts exist. Most of the time organizations significantly underestimate.

Administrator on Windows and root on Linux are just the beginning. Let's think about a web application farm running some off the shelf software package. Let's say there are 3 web servers and 2 database servers. One OS root/admin account per system is a given. Next there's the DB super user account such as “sa” on SQL Server. Next, if the application is running on Windows/IIS there are

  • Service accounts for the DB
  • Service accounts for the application
  • AppPool identities
  • Accounts used by the application to access the database

And don't forget the hardware level accounts used for logging on to the motherboard itself for remote maintenance and control.

All of these should be considered privilege accounts. That brings me to another issue we'll discuss in this real training for free ™ event: how do you define privileged accounts. That's really a pre-requisite to get resolved before you even try to discover privileged accounts.

These are just the built-in / system-required accounts for the application. On top of that are other accounts for system management and actual human IT staff. Privileged users should include more than just accounts with full admin or root authority. Other users may be less privileged but are still privileged. This would include perhaps helpdesk staff with password reset authority or operations folks who have backup authority.

It turns out that there are probably event people, outside of IT, in your user departments that should be considered privileged accounts and subject to similar safeguards.

But you can't stop at the network. Cloud apps and services have privileged accounts too and there's no difference in the security requirements. In fact I know of a technology startup that completely went out of business when their AWS admin portal was hacked.

In this webinar we will look at methods and tools for helping you systematically catalog and maintain all the privileged accounts in your organization – whether on prem or in the cloud. And we'll give you a list of criteria to choose from in defining what “privileged” means for your organization.

Thycotic is our sponsor and Joe Carson will provide insights from his clients he works with on privilege management all the time. Joe will also briefly demonstrate how Thycotic addresses these issues and we'll show you some free tools including

  • Windows Privileged Account Discovery
  • Unix/Linux Privileged Account Discovery

Please join us for this real training for free event.

First Name:   
Last Name:   
Work Email:  
Phone:  
Job Title:  
Organization:  
Country:    
City:  
State:  
Zip/Postal Code:  
Industry:  
Company Size:
 

Your information will be shared with the sponsor.

By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us.

 

 

Additional Resources