Introduction – Marc F. Potter

25 years of Security Experience

Companies

Dell Security

Quest Software

CA Technologies

Cabletron Systems

Technologies Backgound

Security Event Management

End Point Security

Identity Governance

Privileged Management

ObserveITWorldwide Vice PresidentCorporate Strategy and Business Development

Agenda

Current State of Managing Risk

Future State of Managing Risk

How CA Privileged Management Helps

3 Steps to Reduce your User Risk Posture

Next Steps

SystemsApps Data InternalIT Users

BusinessUsers

VendorContractor

Do you know who your high-risk users are?

Do you have the visibility into high-risk activity?

Are you focused on the right profile of users?

Database

NetworkAppliance

VirtualServer

Windows/UNIX/Linux

Application

Multiple Device Types

CAControlMinder

Secure Password Storage

IndividualAdministrators

SharedPrivilegedAccount

PasswordCheck-In

&Check-Out

Automatic Logins

Shared Account Management

Manual

Logins

11

Business Users

84% of Insider based breaches involve users with no admin rights(Ponemon)

IT Users

62% of admin-caused breaches due to human error (Ponemon)

Contractors

Breaches involving contractors have significantly higher data loss and severity (VDBIR14)

•••

OFFLINE MACHINE3RD PARTY MACHINE

MACHINE ID MAPPINGHELPDESK MACHINEREMOTE DESKTOPPC ADMIN RIGHTS

FINANCE DEPARTMENTCALL CENTER USER

ACCOUNTS PAYABLECONTRACTS TEAM

AUDITORDOCTOR/NURSE

CITRIX USER

•••

APPLICATIONSDATABASES

SERVERSNETWORKS

(PASSWORD VAULTS)

APPLICATIONSSENSITIVE DATA

FILE SHARESCLOUD SERVICES

BusinessUser

CitrixUser

ITUser

1. Identify User-Based Access RiskBusiness Users ContractorsIT Administrators

2. Monitor and Alert on Suspicious ActivityCapture Behavior PatternsProfile Risk and AcceptanceAlert on Suspicious Changes

3. Investigate and RemediateForensics Log SearchNotification and PreventionSession ReplaySession Kill