Privileged Access Management


  • 8/3/2019 Privileged Access Management

    1/24

    Secure Management of Access to Privileged Accounts using Hitachi ID Privileged Access Manager

    2011 Hitachi ID Systems, Inc. All rights reserved.

    http://hitachi.com/
    http://hitachi-id.com/

    Every IT asset has at least one local, privileged login account. This includes workstations, servers, network devices, databases, applications and more. Some assets also have privileged accounts used to run services or authenticate one application to another.

    Passwords for privileged accounts are used to install software, manage the device and perform technical support functions. They are often all-powerful, having unlimited access to system functions and data. Consequently, compromise of privileged passwords is effectively compromise of the device.

    Secure management of access to privileged accounts is essential to IT security. This document identifies technical challenges and offers solutions for effectively managing large numbers of sensitive passwords.

    Contents

    1 Overview: The Business Problem 1

    2 A Simple Solution: Randomize Passwords 2

    3 Technical Challenges / Solution Requirements 3

    3.1 Platform Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

    3.2 Workstations: Location and Connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

    3.3 Scalability to Millions of Credentials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

    3.4 Reliable Operation and Race Conditions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

    3.5 Fault Tolerance: Hardware, Network and Facility Problems . . . . . . . . . . . . . . . . . . . 4

    3.6 Encryption in Transit and Storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

    3.7 Connectivity and Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

    3.8 Services and Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

    3.9 Access Controls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

    3.10 Audit Trails and Alerts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

    4 Architectural Elements 7

    4.1 Platform Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

    4.2 Workstations: Location and Connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

    4.3 Scalability to Millions of Credentials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

    4.4 Auto-discovery and Auto-configuration of Managed Systems and Accounts . . . . . . . . . . 7

    4.5 Reliable Operation and Race Conditions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

    4.6 Fault Tolerance: Hardware, Network and Data Center Problems . . . . . . . . . . . . . . . . 8

    4.7 Encryption in Transit and Storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

    4.8 Connectivity and Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8



    4.9 Services and Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

    4.9.1 Managing Passwords for Service Accounts . . . . . . . . . . . . . . . . . . . . . . 9

    4.9.2 Managing Application Passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

    4.10 Access Controls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

    4.11 Audit Trails and Alerts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

    5 Hitachi ID Privileged Access Manager 11

    5.1 Servers and Workstations: Push and Pull Modes . . . . . . . . . . . . . . . . . . . . . . . . 11

    5.1.1 Push Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

    5.1.2 Pull Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

    5.2 High Availability and Data Replication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

    5.3 Scalability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

    5.4 Auto-discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

    5.5 Privileged Access Manager Network Architecture . . . . . . . . . . . . . . . . . . . . . . . . 14

    5.6 Platform Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

    5.7 Proxies to Cross Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

    5.8 Access Controls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

    5.9 Application Programming Interface (API) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

    5.10 Reliable Password Changes and History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

    5.11 Cryptographic Protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

    5.12 Logging and Reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

    5.13 Learn More . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21


    1 Overview: The Business Problem

    In a typical enterprise-scale organization there are thousands of servers, workstations and network devices.

    Normally, there is a single, shared administrator password for every type of device. For example, one password may be used for each workstation of a given type or for every server with a given configuration. This is convenient for data center and desktop support staff: if they need to perform maintenance or an upgrade on a workstation or server, they know how to log in.

    Such static and well-known privileged passwords create both operational challenges and security problems:

    • When administrator login IDs are shared by multiple IT users, there is no audit log mapping administrative changes to individual IT staff. If an administrator makes a change to a system that causes a malfunction, it can be difficult to determine who caused the problem.

    • When the same privileged account and password exists on many systems, it is hard to coordinate password changes. As a result, privileged passwords are rarely changed and are often known to ex-employees.

    These problems create security vulnerabilities. For example, if administrator passwords don't change, then former IT workers retain them beyond their term of employment. This clearly violates internal controls: former employees should not have administrative access to corporate systems.

    In most organizations, strong internal controls are mandatory. Privacy protection legislation such as HIPAA and GLB, as well as legislation regarding corporate governance such as SOX, requires that systems containing sensitive data be secured against unauthorized access. Effective management of access to privileged accounts is therefore not an option, but a requirement.


    2 A Simple Solution: Randomize Passwords

    The obvious way to eliminate static and shared privileged passwords is to change them regularly. If every sensitive password were randomized daily, control problems would be alleviated.

    Since IT users often need to sign into privileged accounts, randomizing passwords is only half of the solution. Additional functions are required to control access by IT users to these accounts:

    1. Authentication of IT users who wish to gain privileged access to a system.

    2. Access control over which accounts IT users may access and when.

    3. Audit logs recording such access, to create accountability.
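    The three functions listed above, combined with password randomization, as an added illustrative model in Python (constructed for this page; it is not Hitachi ID's code and does not describe how Privileged Access Manager is built): IT users authenticate to a vault, a policy decides which account each user may check out and during which hours, every attempt is recorded against the individual user, and the privileged password is re-randomized on check-in. The class and method names (PrivilegedVault, enroll_account, register_user, grant, checkout, checkin) are assumptions made for the illustration.

```python
import hashlib, hmac, os, secrets, string
from datetime import datetime

ALPHABET = string.ascii_letters + string.digits + string.punctuation

def random_password(length=24):
    """Draw a fresh privileged password from the OS CSPRNG (secrets, never random)."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

class PrivilegedVault:
    """Constructed toy model of the combined solution: randomized privileged passwords
    plus IT-user authentication, access control and an audit trail for each checkout."""

    def __init__(self):
        self.passwords = {}  # (system, account) -> current randomized password
        self.users = {}      # IT user -> (salt, PBKDF2 hash) used to authenticate the user
        self.policy = {}     # IT user -> [(system, account, start_hour, end_hour)]
        self.audit = []      # one record per checkout attempt, tied to the individual user

    def enroll_account(self, system, account):
        # Replace the static, shared value with a random one that no person knows.
        self.passwords[(system, account)] = random_password()

    def register_user(self, user, user_password):
        salt = os.urandom(16)
        self.users[user] = (salt, hashlib.pbkdf2_hmac("sha256", user_password.encode(), salt, 200_000))

    def grant(self, user, system, account, start_hour, end_hour):
        # Access control rule: which account the user may use and during which hours.
        self.policy.setdefault(user, []).append((system, account, start_hour, end_hour))

    def _authenticate(self, user, user_password):
        if user not in self.users:
            return False
        salt, stored = self.users[user]
        return hmac.compare_digest(stored, hashlib.pbkdf2_hmac("sha256", user_password.encode(), salt, 200_000))

    def checkout(self, user, user_password, system, account, now: datetime):
        """Disclose the privileged password only if the user authenticates and policy
        allows this account at this hour; every attempt is logged against the user."""
        authed = self._authenticate(user, user_password)
        allowed = authed and any(s == system and a == account and sh <= now.hour < eh
                                 for s, a, sh, eh in self.policy.get(user, []))
        self.audit.append({"ts": now.isoformat(), "user": user, "system": system,
                           "account": account, "authenticated": authed, "allowed": allowed})
        return self.passwords.get((system, account)) if allowed else None

    def checkin(self, system, account):
        # Re-randomize after use so the value that was disclosed stops working.
        self.passwords[(system, account)] = random_password()
```

    The audit list is what restores accountability: a denied attempt outside the granted hours is recorded just like a successful checkout, and the record names the individual user rather than the shared account.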

    The combined solution, capable of both randomizing large numbers of passwords and controlling access to password values