© BeyondTrust 2019

2019

Eylam Tamary

BeyondTrust and TAG Company SrlREDUCE DATA BREACH RISKS WITH

AN INTEGRATED PAM PLATFORM

Carlo De Luca

Business Partner

© BeyondTrust 2019

PRIVILEGED ACCESS MANAGEMENT

CHALLENGES

Employees, vendors, and other insiders

have unnecessary or excessive access

to systems and data

© BeyondTrust 2019

OFFICE INFRASTRUCTURE

© BeyondTrust 2019

OFFICE INFRASTRUCTURE

© BeyondTrust 2019

OFFICE INFRASTRUCTURE

3rd PARTIES

© BeyondTrust 2019

OFFICE INFRASTRUCTURE

3rd PARTIES

© BeyondTrust 2019

OFFICE INFRASTRUCTURE

3rd PARTIESATTACKERS

© BeyondTrust 2019

OFFICE INFRASTRUCTURE

3rd PARTIESATTACKERS

© BeyondTrust 2019

OFFICE INFRASTRUCTURE

3rd PARTIESATTACKERS

VULNERABILITYMANAGMENT

© BeyondTrust 2019

OFFICE INFRASTRUCTURE

3rd PARTIESATTACKERS

VULNERABILITYMANAGMENT

SECUREREMOTE ACCESS

© BeyondTrust 2019

OFFICE INFRASTRUCTURE

3rd PARTIESATTACKERS

VULNERABILITYMANAGMENT

SECUREREMOTE ACCESS

ENDPOINT LEASTPRIVILEGE

SERVER LEASTPRIVILEGE

© BeyondTrust 2019

OFFICE INFRASTRUCTURE

3rd PARTIESATTACKERS

VULNERABILITYMANAGMENT

SECUREREMOTE ACCESS

PASSWORD & SESSIONMANAGEMENT

SERVER LEASTPRIVILEGE

ENDPOINT LEASTPRIVILEGE

#© BeyondTrust 2019

risk by the numbers

62% of companies aren’t adequately tracking privileged access 4

80%of breaches are the result of privileged account abuse or misuse.3

9 OUT OF 10 vulnerabilities are associated with excess admin rights 1

6.

1. 2018 Microsoft Vulnerabilities Report, BeyondTrust2. 2018 Verizon Data Breach Investigations Report3. 2018 Forrester Wave: Privileged Identity Management 4. 2018 Privileged Access Threat Report, BeyondTrust

28%of breaches involve insiders 2

Improperly Managed Privileged Access and

Accounts Put Your Organization At Risk

© BeyondTrust 2019

Attack Surface Continues To Evolve

SaaS + Cloud Admins - Superuser Accounts - Database & Application Admins - Privileged End Users - Developers - Machine Password & Keys

DevOps

• DevOps and SecDevOps Tools

• Dynamic Virtual Environments

• Containers

• Microservices

Internet of Things

• Roaming workstations

• BYOD

• Cameras

• Sensors

• Printers

• Any device with embedded

Internet connectivity

Cloud & Hybrid Cloud

Cloud Management Platforms (AWS, Azure)

Virtualized Environments (VMWare, MSFT)

Virtualized Machines (UNIX, Linux, Windows)

SaaS Apps (Facebook, LinkedIn, Custom)

On-Premise

• Shared Administrator Accounts

• Desktops (Windows, Mac)

• Servers (Unix, Linux, Windows)

• Industrial Control Systems

• Security & Network Infrastructure

• Applications & Databases

• Machine Credentials (App to App)

• Hypervisors & Virtual Machines

Expansion of Privileged Accounts

© BeyondTrust 2019

STAGE 1

Perimeter Exploitation

Attackers Exploit These Vulnerabilities To

Compromise IT Networks

STAGE 2

Privilege Hijacking

& Escalation

STAGE 3

Lateral Movement

& Exfiltration

Vulnerable accounts, systems, and uncontrolled remote access

are targeted

Compromised passwords are leveraged to hijack or elevate

unmanaged credentials or excessive privileges

Limited visibility enables the compromise of other network

resources

© BeyondTrust 2019

BeyondTrust Closes The Gaps

Identify and remediate vulnerabilities

Enforce least privilege

Limit access to sensitive assets

Eliminate shared accounts and password sharing

Reduce default user privileges

Monitor all privileged activities

Gain a holistic view of enterprise-wide security

Correlate and analyze behavior

Send alerts and contain threats

STAGE 1

Perimeter Exploitation

STAGE 2

Privilege Hijacking

& Escalation

STAGE 3

Lateral Movement

& Exfiltration

© BeyondTrust 2019

BEYONDTRUST INTEGRATED

PAM PLATFORM

Defend against threats related to stolen credentials,

misused privileges, and unwanted remote access, while

empowering end users

© BeyondTrust 2019

© BeyondTrust 2019

BeyondTrust Is An Industry Leader

Forrester PIM Wave, 2018 Gartner PAM Magic Quadrant, 2018 Forrester VRM Wave, 2018

© BeyondTrust 2019

MILLIONS OF USERS IN MORE THAN 80 COUNTRIES

20k+ Customers Trust Our Solutions

Hospitality &

Entertainment

Banking & Finance Retail

Insurance & Healthcare Government & EducationManufacturing & Utilities

Technology &Software

© BeyondTrust 2019

Ecosystem IntegrationMAXIMIZE YOUR EXISTING IT INVESTMENTS

PlugIns

Service Management

Threat Analytics

Vulnerability

ManagementIdentity

Governance

SIEM &

GRCIdentity

Access

Management

Cloud

DevOps

© 2018 BOMGAR© BeyondTrust 2019

The BeyondTrust Advantage

BROADEST SET OF PRIVILEGED ACCESS

CAPABILITIES IN THE INDUSTRY

• All from one company, with the combination of

BeyondTrust, Bomgar, Avecto, and Lieberman

Software in 2018

FLEXIBLE, EXTENSIBLE PLATFORM

• Designed to simplify integrations, enhance user

productivity, and maximize investments

HISTORY OF INNOVATION

• 30+ years of privilege security “firsts”, an expansive

roadmap, and an extensive partner community

around the world

© BeyondTrust 2019

Gain visibility and control over all

privileged accounts, users, and access

BEYONDTRUST

SOLUTIONS

© BeyondTrust 2019

PROTECT PASSWORDS AND CREDENTIALS

ELIMINATE EMBEDDED PASSWORDS IN APPS

REMOVE ADMIN PRIVILEGES FROM USERS AND SYSTEMS

CONTROL APPLICATION USAGE

REDUCE RISK FROM THIRD PARTY ACCESS

SUPPORT USERS, DESKTOPS, AND DEVICES

MEET COMPLIANCE MANDATES

Use Cases

#© BeyondTrust 2019

Protect Passwords & Credentials

PRIVILEGED ACCOUNT DISCOVERYFind and onboard credentials quickly with insight on

age and status

SHRINK YOUR ATTACK

SURFACE AND REDUCE

THE RISK OF A CYBER

BREACH

CENTRALIZED PASSWORD STORAGEManage, rotate, and randomize credentials for

privileged accounts

BEYOND USER PASSWORDSManage credentials for service accounts, cloud

services, SSH keys, and app to app access

CREDENTIAL INJECTIONAccess endpoints directly without exposing plain

text passwords

AUDIT & COMPLIANCETrack and log privileged credential activity

automatically and set granular permissions

#© BeyondTrust 2019

Eliminate Embedded Passwords in Apps

CREDENTIAL DISCOVERYFind passwords and keys embedded in applications,

scripts, and other code

CONTROL SCRIPTS, FILES,

CODE AND EMBEDDED

KEYS TO CLOSE

BACKDOORS TO YOUR

CRITICAL SYSTEMS

CREDENTIAL REMOVALEliminate embedded or hardcoded credentials and

service accounts and replace them with REST API calls

EXTENSIVE REST INTERFACELeverage multi-language support, including C/C++,

Perl, .NET, and Java

MONITORING & REPORTINGLog and audit application and other non-human

credential activity

#© BeyondTrust 2019

PREVENT ATTACKSRemove admin rights from all users to close gaps that

lead to ransomware and malware propagation

ACHIEVE COMPLIANCEMeet best practices for removing admin rights and

whitelisting applications

IMMEDIATE SECURITY GAINSAchieve fast time to value by removing admin rights

quickly

VISIBILITY INTO USER ACTIVITYCreate a consistent audit trail with integrated

session and file integrity monitoring

OPERATE EFFICIENTLY AT SCALEReduce helpdesk tickets, simplify maintenance, and

enable an admin-free environment

Remove Admin Privileges From Users and Systems

ENABLE USERS TO WORK

PRODUCTIVELY WITHOUT

ADMIN RIGHTS

#© BeyondTrust 2019

Control Application Usage

TRUST BASED WHITELISTING

Set flexible rules including automatic approval for

advanced users and challenge-response codes

ELIMINATE UNKNOWN AND

UNWANTED APPLICATIONS

IN YOUR NETWORK

VULNERABILTY BASED APP MANAGEMENTLeverage vulnerability data to provide intelligence on the

risk of applications targeted for elevation

CLEAR & CUSTOMIZABLE MESSAGINGImprove the user experience by enabling branded messages

to support access to previously unsanctioned software

SUPPORT FOR MULTIPLE APPLICATIONSCater to the needs of all users and tasks with support

for a broad set of application types

#© BeyondTrust 2019

Reduce Risk From Vendor Access

SECURE REMOTE ACCESS

Provide third-party vendors with secure, reliable

connections to access your network externally

CONTROL AND MANAGE

THIRD PARTY ACCESS TO

YOUR NETWORK

ACCOUNT ROTATIONRotate or reset vendor accounts automatically based on

your specifications

ACCESS ELEVATIONGrant vendors temporary elevated access, or limited to

certain timeframes

MONITORINGLog all session activity for a complete audit trail and

real time reporting

#© BeyondTrust 2019

SECURE REMOTE SUPPORTProvide fast remote assistance to any desktop, server, or

mobile device with screen sharing and remote control

MONITORINGLog all session activity for a complete audit trail, with

real time reporting

CHAT SUPPORTIncrease support staff productivity and end user

satisfaction

REMOTE CAMERA SHARINGPerform remote support on anything your customer

can see, including hardware and peripherals

INTEGRATIONS Maximize existing investments with CRM and ITSM

tools and password management solutions

Support Users, Desktops & Devices

QUICKLY ACCESS AND FIX

ANY DEVICE OR DESKTOP,

ANYWHERE, ON ANY

PLATFORM

#© BeyondTrust 2019

GRANULAR PERMISSIONSAssign permissions individually or through group

policies for privileged users & IT vendors

AUDITING & MONITORINGLog all session activity for a complete audit trail with

real time reporting

PASSWORD PROTECTIONEnforce password policies and automatically rotate

passwords

ENCRYPTIONSecure all communications between the user and the

remote systems using TLS 1.2 encryption

TWO FACTOR AUTHENTICATIONUtilize native 2FA or integrate with your existing

solution

Meet Compliance Mandates

SATISFY AUDIT AND

COMPLIANCE

REQUIREMENTS QUICKLY

AND EFFECTIVELY

© BeyondTrust 2019

The broadest set of privilege security capabilities

available in one platform

BEYONDTRUST

PRODUCT PORTFOLIO

© BeyondTrust 2019

ProductsPASSWORD SAFE

ENDPOINT PRIVILEGE MANAGEMENT

SECURE REMOTE ACCESS

VULNERABILITY MANAGEMENT

CHANGE AUDITING

© BeyondTrust 2019

Password Safe

ENABLE UNIFIED

PASSWORD & SESSION

MANAGEMENT

Powered by PowerBroker

DISCOVERY & AUTOMATED ACCOUNT BOARDINGScan, identify and profile all assets and accounts

ADVANCED THREAT ANALYTICS & REPORTING

Correlate anomalous behavior against a baseline and

compare user activity against asset vulnerability data

ENHANCED SESSION MONITORING & MANAGEMENT

Provide full session recording and real-time visibility into

privileged user behavior

TURNKEY DEPLOYMENTEnable fully hardened appliance (OS, application,

database) with packaged updates for maintenance with a

single interface to configure and manage solution

© BeyondTrust 2019

Endpoint Privilege Management

ELIMINATE UNNECESSARY

PRIVILEGES & ELEVATE

RIGHTS TO WINDOWS,

MAC, UNIX, LINUX &

NETWORK DEVICES

Powered by PowerBroker + Avecto

COMPLETE PLATFORM COVERAGE

Protect Windows, Mac, Linux, Unix, and network devices

as well as Cloud, IoT, DevOps endpoints

QUICK STARTLeverage immediate out-of-the-box deployment model and

reference best practice architectures for rapid deployment

GRANULAR APPLICATION & COMMAND CONTROL

Enforce least privilege and application control, implement

remote application and command execution on all

platforms, and provide advanced control and audit of

commands, files, and scripts across Linux/Unix

© BeyondTrust 2019

Secure Remote Access

SECURE AND CONTROL

PRIVILEGED REMOTE

ACCESS FOR INSIDERS &

VENDORS

Powered by Bomgar

SECURE BY DESIGNEnable a single tenant appliance architecture, with a unique URL and customized portal, comprehensive authentication methods, and role based policy management

BUILT FOR THE SERVICE DESK & VENDOR ACCESSConnect from anything, to anything, with comprehensive

features designed to maximize productivity – no VPN required

FLEXIBLE DEPLOYMENT & LICENSING OPTIONSSelect on premise (physical/virtual), SaaS or private cloud

deployment and perpetual or subscription concurrent licensing

INTEGRATED WITH PASSWORD & SESSION MANAGEMENTRetrieve privileged credentials automatically when

accessing target systems, with no need for users t0 view

plain text passwords

© BeyondTrust 2019

Vulnerability Management

IDENTIFY, PRIORITIZE &

REMEDIATE VULNERABILITIES

& INFORM PRIVILEGE

DECISIONS WITH RISK

INSIGHTS

Powered by PowerBroker

ZERO GAP COVERAGEDiscover and assess any IT resource in the organization including network, web, mobile, cloud and virtual infrastructures in every lifecycle phase, from assessment to remediation

DEEP REPORTING & ANALYTICSUtilize a single dashboard to ensure that all teams have the information they need to effectively manage application and asset risk

INTEGRATED SCANNING

Retrieve credentials with the highest level of privileges through

native integration with Password Safe

RISK IN CONTEXTProvide a holistic view of enterprise-wide security,

including risk from users, accounts and their privileges,

and other security solutions such as SIEMs and firewalls

© BeyondTrust 2019

Change Auditing

GAIN REAL-TIME AUDITING &

RECOVERY FOR WINDOWS

ENVIRONMENTS

Powered by PowerBroker

AUDIT & ALERTAudit the who, what, where and when of changes and alert to those changes, including Active Directory, file systems, Exchange, SQL and NetApp

RECOVER & ROLLBACKProvide rollback and restore of any Active Directory changes or deletions, and backup and restore of Group Policy, protecting the business from downtime

DISCOVER & ENFORCEDeliver entitlement reporting, ensuring that users have access to the

resources – and only those resources – they need to do their jobs

SINGLE MANAGEMENT CONSOLECentralize auditing, reporting and recovery into a single

web-based interface, with more capabilities than native

tools and a unified view of changes

© BeyondTrust 2019

Eylam TamaryEylam@tagdistribuzione.com

Thank You

Carlo De Lucac.deluca@braint.it