“- 81% of companies outsource part of their operations to external service providers – 90% have been victims of at least one security breach in the last 12 months – 18% of major security breaches were attributed to an external service provider.” Price Waterhouse Coopers Study 2015
How can you know how vendors
use credentials for your network ?
Many companies across all sectors task external service providers to help support their information systems on a temporary or permanent basis. Outsourcers, systems integrators, consultants and others with varied skills and areas of expertise can subsequently have access to the heart of a company’s information via privileged accounts.
What are security challenges
managing external service providers?
By enabling access to core information systems to several diverse providers, the company is exposed to various risks such as leakage, loss or theft of data, these actions breed a potential vulnerability or exposure to human error.
The risk is further extended when external service providers are themselves using their own subcontractors, prone to high staff turnover, where the loss of control is even more probable. This loss of control leads us directly to also ask questions regarding compliance and regulatory requirements facing most businesses: how to prove that your external providers comply with the rules of access to sensitive data or information management policy principles?
This presents real challenges when shared accounts are used both internally and externally e.g. in this context, how do you improve visibility and traceability, better control access privileges before, during and after an event?
How Privileged Access Management
Can Help Control External Provider’s Access?
Companies have long been using various solutions to provide secure access to their external service providers (IPSEC or SSL VPN, leased lines, internal developments, etc.). These solutions have drawbacks: the low granularity of rights, the need for specific security devices for each point of access, reporting failures that negates regulatory requirements, the constraint of having to transmit service passwords used on the account of the target device.
Privileged Access Management solutions protects sensitive daily activity of users privileges – administrators, super users – by securing access and accounts (shared or not). Privileged Access Management also provides visibility, control and the ability to predict the activity of each user’s privileges.
An effective and robust approach should involve
|√||Securing passwords in a certified vault|
|√||Their management, create, hide, reveal them, renew|
|√||The definition of access to each target system for each target user and revocation|
|√||The real-time monitoring of connections and each user’s activities|
|√||The generation of events or alerts|
|√||Recording and the review of video recordings of sessions privileges|
|√||The creation of a reliable and enforceable audit trail|
|√||The provision of statistical reports and behavioural analysis|
The Wallix Approach
To Privileged Access Management
We start from the premise that the value of a Privileged Access Management solution lies in both its functional and technological wealth as in its ability to be implemented, accepted and used. We have designed our WAB Suite to cover all risks relating to access privileges in the shortest time possible. This combination of two factors “risk coverage” and “coverage period” is the WALLIX single solution.
Key benefits of Privileged Access Management
offered by the Wallix AdminBastion solution
WAB Suite provides a simple and effective answer to the need to control external providers bypassing all of the following constraints :
|√||No agents to install on target systems|
|√||Monitoring plus recording sessions and connections to any target system: Windows, UNIX, Linux servers, Network devices etc.|
|√||Granular rights to address each unique external service provider based on the required scope of intervention required|
|√||Log providers via personal password without the knowledge of the target password|
When potentially so many external service providers are involved in the management of core information systems, WAB Suite from WALLIX allows IT departments to act quickly, reducing the risk of leakage via its rich functionality, offering cost effective deployment, WAB Suite is the natural choice. Without compromise, WAB Suite also delivers integration with existing automated IT systems whilst for many companies maintaining appropriate regulatory standards (ISO 27001, SOX, Basel II etc.) to achieve the highest levels of compliance.