tech talk: governing your privileged users – a key step towards reducing the risk of breach
TRANSCRIPT
![Page 1: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach](https://reader031.vdocument.in/reader031/viewer/2022030305/587268fe1a28ab31498b5497/html5/thumbnails/1.jpg)
World®’16
TechTalk:GoverningYourPrivilegedUsers– AKeyStepTowardsReducingtheRiskofBreachEhudAmiri – ProductManagement– CATechnologies
SCT38T
SECURITY
![Page 2: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach](https://reader031.vdocument.in/reader031/viewer/2022030305/587268fe1a28ab31498b5497/html5/thumbnails/2.jpg)
2 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
©2016CA.Allrightsreserved.Alltrademarksreferencedhereinbelongtotheirrespectivecompanies.
Thecontentprovidedinthis CAWorld2016presentationisintendedforinformationalpurposesonlyanddoesnotformanytypeofwarranty. The informationprovidedbyaCApartnerand/orCAcustomerhasnotbeenreviewedforaccuracybyCA.
ForInformationalPurposesOnlyTermsofthisPresentation
![Page 3: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach](https://reader031.vdocument.in/reader031/viewer/2022030305/587268fe1a28ab31498b5497/html5/thumbnails/3.jpg)
3 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Abstract
Manyorganizationshaveasolutiontocontroltheactionsofprivilegedusers.But,that’snotenoughforacompleteprivilegedusermanagementsolution– youmustalsogoverntheiraccesstomakesurethatonlythecorrectusershaveelevatedprivileges,andtheyhaveonlytheprivilegesthattheyneed.ThisTechTalkisanoverviewofthePre-ConEdin-depthsessiononPrivilegedUserGovernance.ComeheretolearnhowyoucanreduceyourriskthroughthiscapabilitythatisuniquetoCA.
EhudAmiriCATechnologiesProductManagement
![Page 4: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach](https://reader031.vdocument.in/reader031/viewer/2022030305/587268fe1a28ab31498b5497/html5/thumbnails/4.jpg)
4 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
OneStopShopforallIdentityServicesEverythingtheBusinessUserNeedsinOnePlace
![Page 5: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach](https://reader031.vdocument.in/reader031/viewer/2022030305/587268fe1a28ab31498b5497/html5/thumbnails/5.jpg)
5 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
WhyPrivilegedAccessGovernanceisNeeded?
§ TheSituationToday– PrivilegedAccessManagement(PAM)ismostlyastandalone solutionthatimplementscritical
securityandcompliancecontrolsmanagingandmonitoringuseofsensitiveaccess
– Inmostcasesitisseparated fromthecorporateIdentityManagement
§ Theoutcome– Lackofoverallvisibilityto“whohasaccesstowhat”
– Missingapprovalandauditinginformationfor“whyaccesswasgranted”
– InabilitytoenforceconsistentidentitypoliciessuchasSegregationOfDuties– Lackofriskanalysisfortheoveralluseraccess
– FragmentedcompliancewithregulatoryrequirementssuchasISO27002sections8.1.2“ownershipofassets”and9.2.5“reviewofaccessrights”
![Page 6: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach](https://reader031.vdocument.in/reader031/viewer/2022030305/587268fe1a28ab31498b5497/html5/thumbnails/6.jpg)
6 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
PrivilegedAccessGovernance
§ TheCAApproach– ProvidinggovernanceforPrivilegedAccessiscritical
– Governanceshouldbeconsistentacrossprivilegedaccessandnon-privilegedaccess
– Asalways,it’sallabouttheuserexperience!
§ TheCAIdentitySuiteSolution– Automatedprovisioningandde-provisioning
– Accessrequest– Accesscertification
CAIdentitySuiteIntegrationwithCAPrivilegedAccessManager
![Page 7: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach](https://reader031.vdocument.in/reader031/viewer/2022030305/587268fe1a28ab31498b5497/html5/thumbnails/7.jpg)
7 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
AutomatedProvisioningandDe-Provisioning
§ Automateon-boardingandoff-boardingofPAMAccountsaspartofregularuserlifecycle
§ OutoftheboxCAIdentitySuiteconnectorforCAPAMusingstandardPAMAPIs
§ ManagePAMAccountsandtheirassignmentstoRoles,UserGroups,Devices&DeviceGroups
§ SupportforlocalaccountsandLDAP/ADaccounts
§ Supportforgranularaccessassignmentsincludingstart/enddate,rolescopinganddevicepolicies
IntegrationwithCAPrivilegedAccessManager
![Page 8: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach](https://reader031.vdocument.in/reader031/viewer/2022030305/587268fe1a28ab31498b5497/html5/thumbnails/8.jpg)
8 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
AccessCertification
§ Gainvisibilityintoalluseraccessinacentralizedplace
§ GranularinsightintoCAPAMaccounts,roles,groups&devices
§ OutoftheboxCAPAMcertificationprocesses:– PAMusercertification
– PAMdevicecertification
§ Easilyidentifyuserswithexcessiveaccess
§ FulfillmentusingtheconnectorforCAPAM
IntegrationwithCAPrivilegedAccessManager
![Page 9: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach](https://reader031.vdocument.in/reader031/viewer/2022030305/587268fe1a28ab31498b5497/html5/thumbnails/9.jpg)
9 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
AccessRequest
§ Easy-to-useaccessrequestforCAPAMpermissionsthroughanintuitive'ShoppingCart‘experience
§ Real-timeriskanalysisofacombinedprivilegedandnon-privilegedaccess
§ Allrequestscanbecheckedforsegregationofdutiescompliance
§ Businessdescription,workflow,localization,recommendations,etc.
§ FulfillmentusingtheconnectorforCAPAM
IntegrationwithCAPrivilegedAccessManager
![Page 10: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach](https://reader031.vdocument.in/reader031/viewer/2022030305/587268fe1a28ab31498b5497/html5/thumbnails/10.jpg)
10 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
WhyNowandWhyCAforPrivilegedAccessGovernance?
§ Compliance– Manyorganizationsarefacingcompliancepressuretoensureproperprivilegedaccessgovernanceis
implemented
§ BetterSecurity– Managingandgoverning“whohasaccessandwhy”forprivilegedaccessisbecomingmoreimportant
inthebroaderfightagainstsecuritybreaches
§ EliminatingSilos– Implementingseparategovernancesolutionsforprivilegedaccessandnon-privilegedaccessmay
createunintendedweaknessesincustomers’cyber-securitystrategy
§ OneStopShop– ByintegratingCAIdentitySuiteandCAPrivilegedAccessManagement,customerscaneasily
implementanenterprise-wideapproachthatisbasedontwoproven&marketleadingsolutions
MakingtheRightChoice
![Page 11: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach](https://reader031.vdocument.in/reader031/viewer/2022030305/587268fe1a28ab31498b5497/html5/thumbnails/11.jpg)
11 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
RecommendedSessions
SESSION# TITLE DATE/TIME
SCT39T PAMforHybridEnterprises 11/17/2016at1:45pm
SCT37T StreamliningIDMDeployment 11/17/2016at3:00pm
SCT05T PAMBehavioralAnalytics 11/18/2016at4:30pm
![Page 12: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach](https://reader031.vdocument.in/reader031/viewer/2022030305/587268fe1a28ab31498b5497/html5/thumbnails/12.jpg)
12 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
WeWanttoHearFromYou!
§ ITCentralisaleadingtechnologyreviewsite.CAhasthemtohelpgenerateproductreviewsforourSecurityproducts.
§ ITCSstaffmaybeatthissessionnow!(lookfortheirshirts).Ifyouwouldliketoofferaproductreview,pleaseaskthemaftertheclass,orgobytheirbooth.
Note:§ Onlytakes5-7mins§ Youhavetotalcontroloverthereview§ Itcanbeanonymous,ifrequired
![Page 13: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach](https://reader031.vdocument.in/reader031/viewer/2022030305/587268fe1a28ab31498b5497/html5/thumbnails/13.jpg)
13 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Thankyou.
Stayconnectedatcommunities.ca.com
![Page 14: Tech Talk: Governing your Privileged Users – A Key Step Towards Reducing the Risk of Breach](https://reader031.vdocument.in/reader031/viewer/2022030305/587268fe1a28ab31498b5497/html5/thumbnails/14.jpg)
14 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Security
FormoreinformationonSecurity,pleasevisit:http://cainc.to/EtfYyw