Mitigating Insider Threats posed by Privileged Users

Published: 18 October 2012

Osirium (www.osirium.com), a leader in Privileged Management has today announced the release of Privileged Session Recorder (PSR) which successfully reduces the Insider Threat risks from uncontrolled Privileged User activities.The proliferation of Managed Service Providers, Cloud Applications and Outsourced 3rd Party Services makes organisation’s IT infrastructure even more complex and, in particular, the ownership and accountability of these critical privileged actions become more and more blurred.

David Guyatt, CEO at Osirium comments; “IT contractors, consultants, service providers, as well as the “in-house” SysAdmin teams, all need to participate in maintaining IT operations. However, this presents an array of potential opportunities for privileged users to perform powerful and untraceable activities across the entire IT infrastructure. This could range from inappropriate configuration abuse, deploying malicious software, the targeting and stealing of sensitive data, all of which would be invisible and unaccountable, exposing businesses daily to the intolerable risks from uncontrolled privileged activities.”

Research from UK analyst firm Quocirca, found that only 35% of organisations are able to associate Privileged User actions with a particular individual. Osirium PSR ensures that privileged users can no longer hide behind the anonymity of shared or legacy accounts, which means the operational risks are significantly reduced with full accountability and auditability over privileged activity assured.

Osirium PSR allows organisations to record privileged sessions through a wide range of protocols including SSH, HTTP, HTTPS, ESXi, RDP, VNC and Telnet.  Uniquely, Osirium PSR allows organisations to be selective on the sessions they record because the storage and cost implications over 7 years – the legal requirements keeping records - would be significant. Enabling customers to record specific individuals, or the activities of a particular SysAdmin role, or even a specific device, will help focus search and locate activities, as well as significantly reduce the storage assets required.

David Guyatt continues; “In fact, the greatest value that Osirium PSR provides in mitigating the risks from Insider Threats is the deterrent effect of deployment. In knowing that Osirium PSR is installed and recording all SysAdmin activities, and that each action can be traced back to specific privileged users, informs the 3rd party service personnel and SysAdmin teams and that there will be definitive consequences if any unauthorised or damaging privileged activities are performed.”

Release Date: 
Thursday, 18 October 2012
Article Type: 
Press Release