Technologies We Trust

Together with our trusted partners, Security7 Networks delivers the technology that keeps you safe

idaptive-01

Privilege Management Suite

A flexible, highly granular privilege management solution. Users can get work done while reducing your risks. Make implementing least-privilege approaches easy.

Why Privilege Management is Important:

The least-privilege principle states that every module (in this case a user or application) must be able to access ONLY the information and resources that are necessary for its legitimate purpose.

But what exactly does that mean? Let’s look at it from a different perspective:

You’ve just bought a brand new house in a new, well-kept but unfamiliar neighborhood. You go to the local hardware store and have a bag of keys cut that will unlock your front door.

As you walk home, you decide to give a brand new, freshly cut key to everyone you meet. You think “the neighborhood looks safe. These people look fine. I trust them with access ” Perfectly ok right?

No.

So, let me ask you a question; if you wouldn’t give people free access to your home why would you give a user or application free access to your network or computer systems?

You network ecosystem can be opened up to a host of potentially harmful actions if you don't privilege people or applications correctly.

It’s a prime example of Murphy’s Law; “what can go wrong, will go wrong.” Idaptive will help you avoid potential disaster.

Over time, using the least-privilege principle and Idaptive’s Privilege Management can provide you with three simple but important things:

  • - Better system stability
  • - Better system security
  • - Ease of deployment regarding users, applications and other modules

Common Bad Practices and how Idaptive Privilege Suite is Different:

It’s surprisingly easy for a company to fall into a privileging pitfall. Let’s look at some bad practices:

Default Administrative Account/Shared Credentials - Rather than setting up your network administrators with their own, unique administrator account they use one, shared account to access all of the administrative features.

Using one shared account not only makes a network or computer system insecure, but it also strips out any user accountability. If everyone is using the same credentials how would you be able to determine who might have changed a setting or caused a problem on your system?

You can’t. At least not easily.

Individual Administrative Accounts without User-Level Accounts - Setting your admins up with unique administrative accounts is a step forward from sharing credentials, but you’ll still potentially run into issues if those administrators don’t use complementary user level account as well.

A user level account a “computer account that has user-level privileges (and) can be used to access email, browse the internet and run programs that the account is authorized to access.”

In comparison, an administrative account is a “computer account with administrator-level privileges can do all of the same things as a user level account, and also can be used to install software on the system and configure computer and network settings.”

Even though you’ve got users who are administrators, it doesn’t mean they should always log into the system with an administrative account. Using administrative accounts all the time opens you up to a host of potential threats like malware, viruses and hostile takeovers of your system if that administrator isn’t careful.

Using the principle of least privileges as described above and Idaptive Privilege Management, you’ll be able to:

  • - Easily increase security and accountability by having fewer shared accounts.
  • - Easily assign or revoke the right privileges for users across Windows, Linux and UNIX systems.
  • - Realize operational efficiencies through integrated authorization, authentication and audit that leverages
       existing investments in Active Directory
  • - Prove compliance with regulations and industry mandates to auditors with a single view into the control
      and security of user privileges
  • - Ensure all privileged activity ties to an individual. Users log in as themselves, seamlessly elevate privilege 
      and all activity audited.

Benefits:

  • - Role-based Access Controls Make Least-privilege Easy - Least-privilege access gives you strong controls
      over your users’ privilege and reduces your risk from a range of threats.
  • - Idaptive’s patented Zones technology provides highly granular, role-based access controls that simplify the
      implementation of a least-privilege-access model across more than 450 Windows, Linux and UNIX
      platforms.
  • - Seamless Privilege Elevation With Dynamic Access Restrictions - Secure your Windows, Linux, and UNIX
      systems by controlling what users can access and when.
  • - Unlike de-centralized single-purpose tools like Sudo, Idaptive Server Suite lets you configure dynamic
      privileges so that users can only elevate privilege at specific times, for a length of time and on particular
      servers.
  • - You can also isolate servers based on time and trust relationships to further protect sensitive data.
  • - Powerful Tools Automate Privilege Creation and Assignment - Idaptive Server Suite provides a robust set
      of tools to simplify adoption and management of a least-privilege access model.
  • - Server Suite includes tools to assess identity-related risk, assign predefined roles and rights, import
      existing Sudo-files, automate the creation of new roles and rights, create reports and meet audit
      requirements.
  • - Tailored Reporting for Regulatory Compliance - Quickly generate or schedule comprehensive, attestation
      reports to prove access control compliance with government regulations and industry mandates.
  • - Provide auditors with reports that document individual user access, administrative privilege, and activity of
      who did what, where and when. Associate privileged action with specific individuals to establish
      accountability.