Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

Protecting Sensitive and Critical Financial Data with Privileged Access

302 visualizaciones

Publicado el

As finance organizations are striving to provide top-tier services to employees and customers, they have the immense responsibility to ensure the security and integrity of the organizations network, systems and data to defend against cyberattacks. Like many other organizations, privileged users such as insiders and third-party vendors need access to applications, devices and critical systems to perform their job tasks. Results from Bomgar’s 2018 Privileged Access Threat Report showed finance organizations to be the most trusting when it comes to privileged access for insiders and vendors, when this industry ironically has the most to lose financially. Despite knowing that cyberattacks are increasingly likely, many organizations are still leaving large parts of their IT security to trust, without the means to monitor or manage privileged access.

Publicado en: Software
  • Inicia sesión para ver los comentarios

Protecting Sensitive and Critical Financial Data with Privileged Access

  1. 1. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 1 Protect Sensitive and Critical Financial Data with Privileged Access Adam White l July 10, 2018
  2. 2. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 2 • Cyber Breaches and the Finance Industry • Leading Attack Pathways • Survey Findings: 2018 Privileged Access Threat Report • Regulatory Requirements - Access + Credentials • Privilege Access Management – A Solution (include use cases) • Demo • Q&A • Additional Resources Agenda
  3. 3. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 3 • MONEY! • Data, Data, Data • Legacy security practices • Legacy solutions Why Financial Organizations Are So Attractive To Hackers
  4. 4. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 4 “Actor motives have historically been driven by financial gain, followed by strategic advantage aka espionage. Just under 90% of breaches fall into these two motives, with money once again leading the charge.” 2018 Data Breach Investigations Report, Verizon
  5. 5. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 5 • Organizations are too trusting of insiders and vendors • The amount of sensitive data processed and managed by financial institutions • Cyber attacks today are more sophisticated and well-funded given the increased value of the compromised data on the black market Risk Factors Affecting Financial Cyber Security
  6. 6. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 6 A Matter of Trust 2018 Privileged Access Threat Report, Bomgar
  7. 7. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 7 A Matter of Trust
  8. 8. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 8 In the News
  9. 9. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 9 In the News
  10. 10. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 10 Stolen credentials leading the way… 2018 Data Breach Investigations Report, Verizon
  11. 11. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 11 Cyber Breaches Show No Sign Of Slowing Down • Targeted attacks on corporate IT networks have increased in scale and public visibility • Hacker objective = bypass perimeter security, by stealing legitimate credentials to gain access • Phishing tactics are increasingly sophisticated and often involve social engineering
  12. 12. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 12 The privileged access threat landscape is growing with a higher risk of enabling cyberattacks and severe consequences Gartner, “Architecting Privileged Access Management for Cyber Defense, March 12, 2018 “ “
  13. 13. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 13 • The least privilege principle ensures a user account is provisioned with minimum entitlements that are essential to perform its intended function • Enforces general access control requirements across different environments and platforms to eliminate unnecessary access for privileged users Enforcing “Least Privilege” Reduces Attack Surface
  14. 14. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 14 • Solutions that manage privileged access cannot compromise the user experience • Adoption success is directly impacted by the product’s ability to support privileged users in completing their job tasks But “Least Privilege” Must Also Be Productive
  15. 15. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 15 “We immediately saw that with Bomgar Privileged Access, we could tighten our control over what privileged users could and could not do, as well as audit their actions. It’s a far superior approach than just giving them unrestricted VPN access.” VP of IS&T, AMOCO Federal Credit Union
  16. 16. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 16 Case Study – AMOCO Federal Credit Union • Eliminated use of VPN’s for vendor access • Gained Control of Privileged Access • Improved Productivity • Enhanced Security
  17. 17. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 17 Support Users. Access Endpoints. Protect Credentials
  18. 18. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 18 Bomgar Remote Support SUPPORT MORE More devices, more platforms, more people, more locations. Provide instant remote support to end-users on or off your network using Windows, Mac, iOS, Android and more. PROVIDE SUPERIOR SERVICE Improve service levels and customer satisfaction with seamless, high-quality remote support for every end-user. SECURE YOUR BUSINESS Securing in remote access tools is crucial in protecting your network from threats and meeting compliance regulations.
  19. 19. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 19 Bomgar Privileged Access PROTECT THE ACCESS Enable role-based access to specific systems and define session parameters, such as access timeframes, required approvals, and permitted functions. MANAGE ACTIVITY Actively manage the ongoing operational use of network devices and hardware on the network. ANALYZE & AUDIT DATA Understand what privileged users are actually doing within the network and audit for misuse, while meeting audit trail requirements.
  20. 20. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 20 Bomgar Privileged Identity SEAMLESSLY INJECT CREDENTIALS When integrated with Bomgar Privileged Access of Remote Support, users can directly inject credentials into end servers and systems without exposing plain text passwords. ROTATE & DISCOVER AT SCALE Rotate privileged identities at scale- up to thousands per minute- and easily randomize local account passwords while continuously detecting systems, devices and accounts as they come on and off the network. MANAGE SERVICE ACCOUNTS Automatically discover service accounts and their dependencies- both clustered and individual services- to achieve optimal system uptime.
  21. 21. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 21 How Do You Secure Privileged Users? PRIVILEGED USER CORPORATE NETWORK
  22. 22. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 22 How Do You Secure Privileged Users? PRIVILEGED USER CORPORATE NETWORK ✓Broker the connection
  23. 23. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 23 How Do You Secure Privileged Users? PRIVILEGED USER CORPORATE NETWORK ✓Outbound connections
  24. 24. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 24 How Do You Secure Privileged Users? PRIVILEGED USER CORPORATE NETWORK ✓Multifactor authentication
  25. 25. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 25 How Do You Secure Privileged Users? PRIVILEGED USER CORPORATE NETWORK ✓Access to specific systems
  26. 26. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 26 How Do You Secure Privileged Users? PRIVILEGED USER CORPORATE NETWORK ✓Application whitelist / blacklist ✓
  27. 27. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 27 How Do You Secure Privileged Users? PRIVILEGED USER CORPORATE NETWORK ✓ ✓Access timeframes
  28. 28. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 28 How Do You Secure Privileged Users? PRIVILEGED USER CORPORATE NETWORK ✓ ✓Access approval workflow
  29. 29. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 29 How Do You Secure Privileged Users? PRIVILEGED USER CORPORATE NETWORK ✓ ✓Full audit trail with video
  30. 30. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 30 Windows, Mac, Linux SSH Telnet iOS & Android Mobile Amazon AWS Microsoft Azure Public Cloud Private Cloud VM Ware vSphere Citrix XenServer Microsoft Hyper-V Traditional Systems PCs, Servers etc. Secure & Manage Access Across Hybrid Environments
  31. 31. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 31 DEMO
  32. 32. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 32 But, Success Is Based On More Than Features “Usable Security” • Is the product easy for people to use? • Does it make their jobs easier, not harder? Make “least privileged” productive, not a hindrance
  33. 33. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 33 • 2018 Privileged Access Threat Report • Bomgar Privileged Access Management • Seamless Credential Injection • Bomgar Architecture for Secure Access • Bomgar Compliance Matrix Additional Resources
  34. 34. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 34 Thank You
  35. 35. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 35 Questions? Adam White l July 10, 2018 @Bomgar #bomgarwebinar

×