Published: 06 April 2016
By Andy Harris
On the 6th April 2016 we will be kicking off a workshop discussion on Privileged Access Management and how this relates to Privileged Users along preventing and deterring Insider Fraud. Along the way we'll be outlining the incursion routes that most external attackers use.
You might be interested to know that there's a cool evening event that goes with the workshop if you'd like to come along, two top class comedians, beer and food -- what's not to like about that?
For details, click Here
In these days of outsourcing it can be hard to tell who the insider is. Insider motivations can vary, for example: is the person behind the Mossack Fonseca attacks leaking information for good or bad? You can be sure that the board is mortified by the leak. Their reputation has become questionable, and as a law firm, reputation is everything.
As soon as data is secured, it needs Privileged Access Rights to get at it - these credentials are assigned to Privileged Users. If these users lose the credentials or turn bad, that data is in risk of breach.
Osirium separates Privileged Users from the Privileged Account Credentials. It uses the principle of Identity In -> Role Out to deliver Privileged Access Management. Privileged Accounts are managed using it's Enterprise Class Password Lifecycle Manager to ensure that the passwords that make up the credentials are long and strong.
Osirium deters Insider Attacks with Privileged Session Recording which lets you see who did what on your systems, whether they be part of your staff or an outsourcer.
Osirium helps detect Insider Attacks with it's Privileged User Analytics this displays all the session data in a way that helps show up all the outlying sessions, you can click through all the data points to get back to the details session data.