Preventing Data Loss Through Privileged Access Channels

Download Now

To download this white paper you’ll need an Infosecurity Magazine account. Log in or sign up below.

Log in
Sign up

Get up-to-the-minute news and opinions, plus access to a wide assortment of Information Security resources that will keep you current and informed.

This will be used to identify you if you take part in our online comments.

Your password should:

  • be at least eight characters long
  • be no more than 25 characters long
  • contain at least one uppercase, lowercase and special character
  • contain at least one digit
  • only contain alphanumeric characters or ~!@#$%^&*()_-+=?.

For more information explaining how we use your information please see our privacy policy.

By registering you agree with our terms and conditions.

Privileged users and processes have access to the most sensitive data and systems but because their communications are encrypted, they bypass basic security safeguards such as data loss prevention, firewalls and IPS. This latest white paper focuses on how to restore visibility and security to these encrypted pathways in and out of your network.

Systems and IT administrators comprise a set of privileged users granted access to very high value targets. Their access rights include ability to create new virtual machines, change operating system configurations, modify applications, modify databases, install new devices, change configurations and so on. If misused, the privileges they are granted can have devastating consequences. Given this potential, such privileged activities should be well secured. Most organizations take basic safeguards to prevent misuse of privileged access usually with the Secure Shell (SSH) protocol, the most widely used standard for securing systems, device and applications administration.

However, even with Secure Shell, there is a fundamental gap in the security of privileged access. Enterprises rarely apply a reliable audit or monitoring capability to privileged user activity. Because these activities are secured by encryption, they are opaque to standard layered defenses such as next generation firewalls and data loss prevention systems. A rogue administrator can steal company information, alter critical data and damage systems – and erase the systems based logs that record what they did. Privileged access channels are also attractive vectors for external criminal entities to steal information and disrupt operations.

After reading this white paper, readers will learn:

  • How privileged access governance can be made minimally invasive, scale to enterprise requirements, and prevent costly losses
  • How to restore visibility and security to these encrypted pathways in and out of your network
  • How to effectively balance the challenges of cost, risk and compliance

Brought to you by

Should you download this content your information may be shared with the sponsors indicated above. Please see Infosecurity Magazine’s privacy policy for more information.