Privileged User Audit Security

All companies rely on their privileged or inside users to keep things running smoothly and to complete critical business transactions. Traditionally, the definition of a “privileged user” has been based on the network-centric IT world: an IT system administrator who has access to networks, applications or data that goes well beyond their job responsibility. In today’s data-centric world of computing, the definition of a privileged user can go well beyond just IT administrators.

Due to new regulations and segregation of duty rules, the definition of a privileged user must now be expanded to include senior managers, key line of business managers, engineers, designers and even the accounting team when considering SOX compliance. Privileged users can be defined as all users with access to sensitive and valuable information in any organization across the enterprise. All of these users have the potential to put sensitive data at risk.

For privileged users to be successful, and the enterprise to operate smoothly, these users cannot be encumbered by restrictive security policies or technology. Historically, companies have attempted very few strategies to manage privileged users. Some of the common approaches that companies have taken to manage privileged users include: trust, paper policies and training, or the deployment of network-based security technology. These approaches continue to fail.

1) Take no security policy or technology actions and rely on the honesty of the privileged user.
- Problem - A very small percentage of users are not honest, and the actions of one or a few can lead to hundreds of millions of dollars of loss.
- Problem - Bad things can happen to good people: a lost laptop or USB device can make headline news without regard to “good intentions.”
2) Apply paper-documented controlling policies enforced through manual internal audits.
- Problem - This approach is often used to meet minimum compliance standards, and although it often finds data compromise, it is not preventative, its findings come late, and the manual audit process is slow and expensive.
- Problem - Often “honest” users will work around restrictive policies and controls with the "best intention" of completing required tasks while unknowingly putting data at risk.
3) Deploy network-based technology that attempts to monitor and filter privileged network traffic.
- Problem - This technology is unable to monitor any activity at the "point of use" and therefore cannot discover, monitor or prevent the loss of data through USB devices, local drives or burning data to CD or DVD.
- Problem - Network-based technology will often miss encrypted or "tunneled" data traveling over the network. Knowing these technology limitations, privileged users can easily defeat network systems.

The Verdasys Difference

With Digital Guardian, automated compensating controls can be enforced across different types of privileged users with centrally managed security policies defined at the group or individual user level. Digital Guardian’s unique and proven agent-based architecture mitigates the risk of potential data loss or compromise by privileged or inside users, while enabling these same users to have greater access to the sensitive data required to complete their tasks.

Unique Capabilities
- Endpoint monitoring, both on and offline - takes action before the data is compromised
- All users are monitored and all activity is recorded and auditable – even privileged user activity, including real-time alerting to appropriate managers.
- Segregation of duties through access and usage controls
- Complete audit records of all privileged users
- Invisible, hardened, very difficult to defeat agent architecture
- Deterrence of risk activity through real-time warning and justification prompts
- Privileged user monitoring on older legacy, mainframe or custom applications utilizing the Digital Guardian Application logging and masking module