” Knowledge is power. Knowing exactly who has access to which systems, when, and what they are doing with that access empowers businesses to regain control in this challenging time,” says Chad Carter, WALLIX, in an exclusive interview with IT Security Wire.
How has the current rise been cybercrimes during the COVID-19 situation impacted the need and popularity of the identity access data management platforms?
Unfortunately, hackers and criminals are taking advantage of businesses dealing with this crisis, exploiting existing opportunities as well as new vulnerabilities being exposed. Businesses need to protect themselves broadly and quickly. External connections to sensitive systems and data are opening up high-risk avenues for a data breach. Access management solutions close the gap, securing access, verifying identities, and protecting data. These technologies are critical right now, more than ever.
With the current remote working situation across the globe, what are the major security challenges that firms are facing? According to you, how best can these be resolved?
The main issues with remote access are and have always been knowing 1) who is accessing your systems, 2) which resources do they have the right to access, and 3) what are they doing with that access. This challenge has exploded exponentially as entire workforces have gone remote, forcing IT teams to work quickly to find solutions for their colleagues to do their jobs with as little disruption as possible.
Organizations can answer these questions in one fell swoop with Privileged Access Management. A PAM solution can offer complete control over privileged users, granting and revoking privileges to specific resources as and when they’re needed. With integrated PEDM, it implements a Least Privilege approach to security. This can be taken even further with an Endpoint Privilege Management (EPM) solution, which ensures that privileged access is controlled at a granular level for endpoints both inside and external to the corporate network.
Knowledge is power. Knowing exactly who has access to which systems, when, and what they are doing with that access empowers businesses to regain control in this challenging time.
Why is the adoption of a Privileged Access Management (PAM) platform crucial to strengthen the security of remote access for mission-critical resources?
A robust PAM solution offers a suite of powerful capabilities that help organizations protect their most critical IT infrastructure, no matter where it’s being accessed from. It secures remote access of employees or third-party contractors and allows granular control over their privileges – which resource, which commands or actions, and when/for how long. Furthermore, users accessing these resources never need to know root passwords, which avoids the lost or stolen credentials that are such a significant risk for Insider Threat. Comprehensive session management means businesses can not only grant privileges, but have full oversight of privileged users’ work, including OCR recording of all keystrokes and clicks, enables shared sessions, and facilitates automated session termination when necessary.
Ultimately, the aim of a PAM solution is to make everyone’s lives easier. It streamlines privileged user management for IT teams, it makes it easy for users to request privileges when needed, and
How critical is it to ensure endpoint security when organizations have teams working remotely across the globe?
Endpoint security is critical for facilitating secure remote work! With endpoints taken outside of the perimetric protections put in place for the corporate network, they represent a major vulnerability for organizations. And it’s a vulnerability that hackers prize. As the attack surface gets larger and larger, the favorite target is endpoints, which can fall prey to malware, ransomware, and other crypto-viruses and, thanks to the elevated privileges of the user, allow an easy entry into the IT infrastructure.
Managing endpoint security, however, can seem complex as users need to be able to download and use business applications to do their jobs (requiring admin rights on their endpoints), but IT teams are overburdened with demands when they take away local admin privileges. And this overload of Helpdesk requests usually results in users being given back their rights, making quick work of the security efforts.
An Endpoint Privilege Management (EPM) system, however, can offer the best of both worlds. Endpoints are stripped of local admin rights, and privileges are managed at the process level, remotely, by the IT team. Users see no difference in their workflows, but IT sees airtight security against any phishing link or malware that might attempt to infiltrate the system, no matter where in the world the endpoint is located.
How is WALLIX supporting enterprises in implementing their business continuity plans?
This year has gotten off to a rocky start for businesses as they have felt the economic and organizational impacts of the Covid-19 pandemic. With this crisis has come a wave of new digital threats and cyberattacks as workforces going entirely remote, and cybercriminals take advantage of new vulnerabilities.
WALLIX is supporting organizations in implementing their business continuity plans by offering free licenses of our Access Manager module, which facilitates secure remote access as part of our Privileged Access Management solution. We wanted to make sure that organizations were able to quickly and efficiently get their teams up and running as they work from home during this difficult time, to keep business going without a hitch. Traditional solutions to remote work like VPNs can be costly and complex to set up and offer zero visibility over what users are actually doing once they connect into your systems. The Access Manager empowers remote employees and third-party contractors to connect to even the most sensitive IT resources, and the Session Management features provide complete oversight and recording of privileged session activity, and automated termination in case of suspicious behavior.
Our entire portfolio of solutions and technical expertise is committed to responding to the urgency of securing access to IT systems and business applications for employees working remotely. From external connections made by endpoints outside the corporate network (and therefore outside perimetric security) to Identity protection, WALLIX is there for organizations facing this rapid digital transformation.
“Access management solutions close the gap, securing access, verifying identities, and protecting data. These technologies are critical right now, more than ever.”
Chad Carter, WALLIX Group