Core Privileged Access Manager (BoKS) secures server environment, preventing hackers from gaining access to valuable intellectual property, and proprietary data.
THE CHALLENGE
The chief engineer for a large financial processing company, who was a UNIX administrator, had to deal with the merger of his company with a much larger one. The merger was supposed to produce a lot of cost savings, but turned into an administrative nightmare for him and his staff.
Before the merger, the chief engineer had to maintain 600 servers. After the merger was completed, the number of servers grew to 2,000. Today the company operates well over 5,000 servers.
The merger produced a lot of issues because there were thousands of servers that were not centrally managed causing the administrator to log into each server individually to provision access. Due to the high employee turn-over rate and the continued growth of the environment there was a large number of access requests that had been generated, some of which taking weeks to complete. Managers’ expectations were that the administrator had to drop everything and deal with the access issue. With the limited number of security administrators and large amount of work it was not uncommon for the UNIX system administrators to be pulled into the ID administration role, causing a separation of duties issue.
The merged companies, being in the financial market, had a large number of regulatory requirements that demanded policies be created and enforced on all systems. With the lack of controls on each of the devices this was extremely challenging and required a developer to build a mechanism to facilitate a daily review of content on each of the systems.
With the current environment it was dificult to delegate administrative functions to support organizations to relieve the work load from the security engineers. This caused an overall higher cost for ID administration tasks because it required highly skilled individuals to utilize those skills and their time on rudimentary administrative tasks. With the lack of centralized administrative controls and logging it was not possible to effectively monitor privileged access and security events on the systems.
THE SOLUTION
With the installation of the Fortra Core Privileged Access Manager (BoKS) product the chief engineer was provided with the ability to centralize ID administration and logging for all managed CASE STUDY systems in the environment. This reduced the overall cost of provisioning and de-provisioning of user accounts and access across the managed systems, saving the company money.
Core Privileged Access Manager (BoKS) also allowed the security administrator to create access roles (BoKS userclasses) for the assignment of access to groups of users within the environment. This drastically cut down on the time it took to provision access for the newly created users as well as enforce proper access controls, saving the company more money.
Core Privileged Access Manager (BoKS) leverages the use of pluggable authentication. This gave the chief engineer the ability to control authentication, and mitigate risks for highly sensitive environments by enforcing a strong authentication strategy.
BoKS also includes a file monitoring and file integrity component that allowed the chief engineer to remove other agents from the system that had been performing these tasks, eliminating these costs.
Core Privileged Access Manager (BoKS) Locked Down The Environment, Preventing Hackers From Gaining Access To Valuable Intellectual Property, And Proprietary Data
The chief engineer said that during an internal penetration test of the UNIX servers in the environment the pen-team was able to exploit a vulnerability in a group of systems that had NOT yet been migrated to BoKS. Because of this exploit the team was able to elevate privilege on this system and then access other servers in the environment using SSH keys that a systems administrator had installed. The pen-team reported that they attempted to use this key-based authentication to access the BoKS managed servers as well as other methods, but were unsuccessful. With BoKS, the security administrator limited user connections based on the source of the connection, the destination of the connection and the access method available. In addition, the security administrator controlled the authentication of each specific connection type. Unlike other tools that simply provision a user account to the server and authenticate the user, the BoKS tool truly controls granular access of each user session.
With Fortra Core Privileged Access Manager (BoKS), the chief engineer accessed log data that showed the type and quantity of administrative changes, which provided an electronic trail for forensic audits. The administrator also produced metrics that showed the quantity of requests completed per day, week, month, and quarter that he reported to senior executives to demonstrate the security of the environment. Finally, Core Privileged Access Manager (BoKS) allowed the administrator to properly staff each of his teams based on the volume of work required for each function, saving the company a significant amount of payroll expense.
REQUEST A DEMO
See Core Privileged Access Manager (BoKS) in action. Schedule a demo now.