To mitigate risk
- Prevent access breaches through privileged accounts
- Monitor activities carried out by privileged users
- Enforce accountability for use of generic privileged accounts
- Enforce granular access restrictions as required by user roles
- Limit privileges of admin accounts
- Maintain complete audit trail of privileged activities (i.e Audit Logs / Screen Recording of every session )
(Read more: Under the hood of Top 4 BYOD Security Technologies: Pros & Cons)
To improve efficiency
- Reduce management overhead of maintaining large number of passwords using password fault
- Single Sign On (SSO) – for Servers/Databases/Network Elements/URL’s/Thick Clients
- Securely extend access to remote vendors ( i.e OTP Based , Time based access )
- Audit Logs / Screen Recording of every session
- Authorization Workflow
- Central Reporting & Alerting ( SMS & Email alerts )
To ensure compliance
- Comply to regulations and standards ( SOD principle , IS0 27001 Reports )
- Meet password policy compliance requirements
Solution Evaluation Checklist must focus on functionality, security, vendor profile, integration, ease of implementation and total cost of ownership. Here is a complete comparison of Iraje, CA Control Minder & Arcos and the comparison parameters.
-With Saurabh Kaushik, Head - IT Security, Lupin Group on Privilege Identity & Access Management (PIM) Implementation
(Read more: Hardware Trojans: Sneak Peek into the Future)
Comments