The privileged smart card user
Click here to load reader
Transcript of The privileged smart card user
The secured privileged userPriviliged access users in the enterprise
The privileged
smart card user
Can’t share passwords with other admins
Doesn’t needto remember multiple,complexpasswords
Only has to carry one smart card for all access
Smart cardequippedwith multipleidentities
More secureSSH &RDP access
Smart card equippedfor physicalaccess to secure server room
Smart cardprovidesvisual ID
5 Tips5 Tips
for managingprivileged access
Before implementing any privileged access controls, first take a look at your current situation—potentialrisk to the organization and possibleroadblocks to effective managementof privileged access.
1.1.
cess
ting any privilegedst take a look at
—potentialnd possib
Secure smartcard access todomain controllers
Access to information assetsshould not be granted to everyadministrator. Only those who have a valid business need should be provided with access.
2.2.
3.3.
4.4.
5.5. Frequently monitor and improvehow access rights are granted andrevoked. This is especially importantas new technology, such as mobileenterprise applications, is adopted.
Do not grant anyone permanent privileged access to any resource.Access should be granted on an asneeded basis and only for the amount of time needed.
Implement tools and reporting to monitor any inappropriate grantingof access rights, and any violationsof policy.
From Norman Marks on Governance, Risk Management and AudtitIf you wern’t worried about privileged users you should be, April 5, 2012