Privileged ID Management
Most organizations today are focused on the management of their standard users.
While there are significant benefits to these types of projects, from a risk management
perspective it is privileged users with escalated entitlements who are the target and potential source of
internal attacks and vulnerabilities to an organization.
Within the category of Privileged Identities there are 5 types of IDs:
- Individual Support (used in normal administrative support duties)
- (this is where more than one person has access to the credential)
- (usually embedded in scripts or the ID "acts" on behalf of another and is limited in functionality)
- (to allow for temporarily escalating privileges in the case of an outage)
- (much like a functional id but with individual user capabilities)
RMSec has extensive experience in consulting on this category of IDs. An outline of a sample engagement is shown below:
Objective:
- Establish a standardized framework to ensure that individuals are provided privileged access based on the principle of least privilege.
Key Activities:
- Mapping of operational roles to system privileges in order to define a minimum access baseline.
- Identification of privileged accounts and their associated entitlements.
- Review of existing privileged access entitlements to identify and validate significant exceptions from baseline.
- Remediation (or removal) of accounts with inappropriate access across the Enterprise.
- Implement a process to identify and assign ownership for existing functional accounts contained within different platforms.
- Develop and implement a process for capturing key attributes (e.g. last password change, owner, interactions, date of inception).
Benefit: Risk Mitigation
- Improved efficiency and reliability in the provisioning and revocation of privileged access;
- Prevention of unauthorized access to system/data by validating privileged access rights and removing unnecessary privileges;
- Fraud prevention and improved integrity of business data through the restriction of privileged access to individuals with a business need; and
- Increased compliance with Organizational Security Standards and regulatory requirements (e.g. SOX, PCI).