Post on 01-Jan-2021
THYCOTICP R I V I L E G E D ACC E S S M A N AG E M E N T
Enrico Perotti - Regional Sales Manager Italy
Marco Di Martino - Sales Engineer International
Protecting privileged accounts has the greatest impact of any cyber security strategy
3
80%80% of
breaches involve
privi leged credentials
2018 Forrester Wave Privileged Identity Management
85% of cyber at tacks enter
through compromised
endpoints
SANS
29% of breaches
involve use of stolen
credent ials
2019 Verizon Data Breach Report
Under-the-radar service accounts“These privileged credentials are usually not inventoried, changed, or controlled, meaning that hackers can use them to gain easy access to business-critical applications.” – Forrester
DevOps CI/CD pipelines“ Instances of hard-coded credentials, credentials appearing in source code repositories, no credential rotation or highly fragmented approaches to credential vaulting… these challenges represent risk “– Gartner
Cloud infrastructure“ The explosion of cloud services has driven proliferation of privileged accounts and credentials to a state that, for most organizations, is unmanageable without processes and tools“ – Gartner
Business Users
External Vendors
Windows Admins
Unix Admins
Applications
Services
Data Center
Network Devices
Cloud DevOps Endpoints
IT DOMAIN
ACCO
UNT
TYPE
The key point: A PAM solution must include all privileged accounts
Op Tech
OT DOMAIN
01 IDENTITY 02 SECRET 03 SYSTEM
Privileged User Password
Repository
Enforce a Zero Trust model for all users at all times Implement a principle of Least Privilege across all access
Enable Visibility, Governance & Alerting across all access
04 FUNCTION
Secret ServerIIS Web Server
Secret ServerSQL Database
Thycotic Apps
Discovery& Import
PasswordRotation
SIEMlogging
Ticketing Integration
Real-TimeAlerts
Real Time Analysis
Auditing &Reporting
Session Control
IP Whitelist2FA & SSO
Threat Scoring
Admin FunctionsRBAC Analytics
Machine Learning
Alert Actions
SessionMonitoring
Privileged Users
User FunctionsRBAC
Request for Access
SessionLauncher
Customise& Extend
Why Thycotic in general and now under the crisis?
7
In order to manage, get visibility of, govern and alert on remote access and privileged access
• Single pane of glass
• Easy changes
• Full audit and reporting
• Session monitoring
• Workflow approval
Because the platform is highly intuitive
• Can be deployed easily
• We can PoC the solution in 4 hours to have you evaluating the value
• The time you invest initially can be a benefit for the (near) future for security and operation
What customers say about us
Requires Less, Covers More
Thycotic requires a small footprint and covers
compliance requirements.
IT SPECIALIST, SERVICE INDUSTRY
Adoption Skyrockets
Adoption has been organic without a need to strongly push the tool. It’s intuitive,
requiring very little training to get our teams up and running.
INFOSEC MANAGER, SERVICE INDUSTRY
Performance & Ease of Use
We are very pleased with performance and ease of
use, especially compared to the product it will replace.
CISO, FINANCE INDUSTRY
Agility & Security
Total Cost of
Ownership
Privileged accounts are a target for breaches
Global average to detect cyber incident is 191 days*
Source : 2017 Ponemon Institute’s Cost of Data Breach Study
Exploit vulnerability to escalate privileges
Analyze victim’s behavior
Identify Key dataPush a malware
Steal Privileged Credentials
1 3 5
2 4 6
Data exfiltration
Privilege is all around
OPM credentials were stolen from a third-party contractor
Third-party account was used to gain domain access on the OPM network
Compromised privileged accounts were used to scan the network, map out a plan for lateral movement, and pivot to the Dept of the Interior
Privileged credentials were used to access systems with sensitive data and install malware
1 2 3 4
info@adcgroup.com
📞+39 059 747 0500
We are here to help you
Working days 9am to 6pmMon - Fri
GRAZIE PER L’ATTENZIONE
AD Consulting S.p.A.Sede Centrale, legale e operativa: Via Natalia Ginzburg, 40, 41123 Modena (MO)t. +39 059 7470 500
ufficiMilano - Vimercate - Roma
Padova - Sesto Fiorentino