Affiliation:
1. Borys Grinchenko Kyiv University
Abstract
Abuse of privileges in the IT environment is identified as one of the current threats to the information assets of a business. The article examines and analyzes these problems, which are closely related to the leakage of information through legitimate access to it and/or unauthorized access to it. Reports, research, acts, and surveys at various enterprises contain a large amount of analytical and statistical material that confirms the relevance and importance of this work. Based on the scientific literature, key definitions on this issue are reviewed, namely: the definition of "privileged access" is characterized; the main examples of privileged access in the IT environment are considered; and the risks and threats to information from attack vectors associated with privileged access to the IT environment are described. The mechanism for control and management of privileged access, PAM, is presented, the steps of this process are highlighted, and its expediency is substantiated. Experimental techniques made it possible to choose the most applicable PAM solutions: WALLIX Bastion PAM, One Identity Safeguard PAM, and CyberArk PAM. The essence and functionality of each of these solutions are revealed. The advantages and disadvantages of each technology are established. As a result of studying the technical and functional characteristics, a comparative analysis of these three solutions is carried out: the mandatory components of a solution for control and management of privileged access are the password manager and the session manager, and the additional ones are the module with analytics of privileged sessions and the access manager. use a VPN to access privileged assets. It can also be noted that the functionality of all products is very similar, so the implementation plays a big role, namely the practical approach during operation, internal algorithms, and additional opportunities for integration and innovation.
PAM solutions are recommended for organizations as a means to mitigate information security risks and threats due to insider activities of company employees who have privileged access to the IT environment.
Publisher
Borys Grinchenko Kyiv University
Cited by
4 articles.