Many organizations have deployed a Privileged Identity Management solution to control access to so-called Super User accounts such as Windows “Admin” and Linux/Unix “Root”. And this is frequently extended to cover Database Administrators, Network Administrators, and frequently passwords that may be embedded in Application scripts. Additionally Privileged Session Management is deployed to record these sessions on highly sensitive systems, and to control what Administrators can do.
You Can't Manage What You Can't See
Managing local accounts and groups is a critical part of running a secure environment, but visiting all your servers and workstations on a regular basis to verify and maintain proper configuration can be an impossible task. Before deploying a PIM/PAM Solution, an organization should ensure that the environment is locked down to ensure that backdoors are not in existence. This demands that a detailed forensic examination of every system should take place. We therefore recommend that you:
• Identify all accounts (both local and domain) that have super user privileges, including all group memberships
• In your Windows environment, validate all registry settings across all your hosts, including the all users key. Set permissions on keys, including inheritance and sub keys.
• Carry out an inventory of file shares, and know which accounts have access to which files and folders. Once you view the permissions assigned to users or groups, you can edit them to remove unwanted or incorrect entries and guarantee appropriate access.
• Review all Services and Scheduled Tasks and bring all credentials under management.
• Lock down your environments so that Administrators can no longer create accounts with Administrative rights which can be used to bypass your PIM/PAM environments
Lieberman PIM Suite Compliments Your Existing Deployments
Regardless of what solution you may have deployed, Lieberman provides a unique set of tools that can provide you with the ability to automate all of these tasks thus enhancing your existing PIM solution, and giving you more control over your infrastructure, both in the cloud and on-premise.
Effective Against APTs
Because the Lieberman PIM Suite provides the ability to control such key areas such as enterprise wide registries, scheduled tasks, service accounts, and all COM+ related processes, it offers organizations the ability to respond quickly to attacks. Using our patented “Cratering” technology, our clients are able to respond and remediate malware very quickly. Additionally by controlling the environment using True Discovery™, the Suite offers continuous discovery to enable quick response to any environment changes.