Your system admins fully manage and control every aspect of your network. Who is watching them?
Privileged users, such as system administrators are the rock of your information technology organization. They are the engine that gets things done - deploying, maintaining, and updating systems - and they are your first line of defense against security threats and vulnerabilities. Because of their immense power, privileged users can be a huge liability for your organization.
According to The Guardian, "...it's fairly typical to have administrators working unmonitored across networks and systems, especially when it comes to managing a sizeable IT estate. Unfortunately, this necessarily broad access required to maintain IT environments comes with real dangers to the safety of sensitive data." Every system administrator has the power to make or break your business.
There are plenty of real-world case studies. In 2008, a system administrator for the city of San Francisco was put in jail for locking every member of the IT staff out of all critical systems on the city's network. When supervisors demanded the password, the administrator refused, leaving the city's network unusable for days.
It's not practical to limit privileged users so heavily that your critical systems are no longer viable. Instead, RevBits' Privileged System Management (PSM) offers an alternative; let system administrators and other privileged users connect to systems using supported protocols and observe/control what is happening inside the session, even if it's an encrypted connection.
RevBits PSM ensures that organizations can easily comply with the Payment Card Industry Data Security Standard (PCI DSS) and other key laws and regulations. Using PSM, all privileged sessions and activity are recorded for audit purposes, including extensive features such as video recording and keystroke information. Auditors can easily sift through all of the data.
PSM works by masking server and authentication information from your privileged users. Choose usernames and passwords for your end servers and load them into the software along with the server's destination address. PSM will store and encrypt actual server credentials securely. Once that's done, provide your privileged users with access to servers through the tool as you see fit. Users will never actually see the real server address, username or password; instead, they will authenticate to PSM using their own credentials, such as username/password, private key, hardware token, and more.
PSM ensures that you can connect to systems all over the world seamlessly with all activity recorded. Users can have autonomous access to the servers they've been granted permission to. In addition, all data exchange protocols are completely secure. PSM does not downgrade encryption at any point in the communications thread.
Just like all other products that RevBits offers, PSM is fully customizeable. Configure PSM to only allow access to certain servers during certain hours of the day, such as non-business hours. Or, allow users to log in to particular servers for only 20 minutes, after which they will need to request access again. Each of our settings ensures that organizations can tightly control the activities of their privileged users.
With PSM, users can log in to a management portal, add their personal authentication information, see the list of servers available for access, and connect. If a user doesn't have access to a system but needs to connect, they can request access from designated personnel with the organization through the portal. No email follow-ups or ticketing systems required.
Take back control of your network by implementing policies that force connections through PSM; for example, block all access to servers being hosted outside the local network unless through PSM - a great option for servers hosted in cloud environments such as Amazon Web Services, Microsoft Azure or Google Cloud. PSM offers real-time monitoring to see what is happening inside sessions while they are in progress, and remote session termination to instantly kill a connection if unauthorized activity is in progress.
RevBits PSM supports all major administrative protocols including Secure Shell (SSH), Remote Desktop Protocol (RDP), Virtual Network Computing (VNC), Microsoft Structured Query Language (MS SQL), Oracle, MySQL, and PostgreSQL, with additional protocols added all the time. Each protocol supports specific access and tracking features within PSM. No other privileged session management solution offers a more complete set of features. Some of the most powerful controls include
Honeypots provide great insight into current attacks on your network so that you can detect, track, and respond to sophisticated cyber security threats in real-time. BeeAlert contains advanced monitoring capabilities that allow you to monitor these threats with the greatest speed and precision on the market.
All session interaction is video recorded. This important feature ensures fidelity even when users are using graphical command line tools, such as text/file editors. Other products use keyloggers alone, which will log user input (up/down arrows, page up/down, etc.) but without context.
Audit logs correlate session video and keystrokes with date and time. Search to see if a keyword/command was used and jump right to the point in the session where it was used. No other PSM product correlates activity in this way.
All keystrokes and commands are stored and indexed for rapid searching. Search by a specific word, command, switch or query. In SQL sessions, all executed queries are recorded and can be retrieved for review and evidence.
RevBits PSM integrates easily with other security products deployed within the organization, such as Security Information and Event Management (SIEM) systems. Use PSM's robust API to share data between as many systems as you wish.