Recently we’ve been looking at the relationships between users, groups of users and devices. There were two motivations for these investigations:
- To ask how complex these relationships are, with a view to establishing if this complexity hides security risks
- To determine how Osirium could illustrate these relationships in a manner that our customers could make sense of
At Osirium, we have a large test environment that is modelled on one of our largest customers. By experimenting across a range of visualisation techniques within this environment, we found that in even a reasonably sized admin team (about 300 users and 200 devices) the relationships become very complex, very easily. And why is this? Well, because business services rely on a chain of devices for delivery to end users, and because Sysadmins need an overview of that chain, Sysadmins for a set of business services will need access to all devices. However, this can cause over-privilege chaos.
With Osirium, over-privileging can be avoided. Users and devices are joined through profiles, which can be basically described as: “These users can use these tools and task on these devices at these roles or privilege levels”. Take a look at our video to see how Osirium can help with your privileged user management.