Guest Post by Gábor Marosvári, Product Marketing Manager, Balabit
Balabit and Lieberman Software have just formed a global strategic alliance on the basis of the integration of their flagships, the Shell Control Box (SCB) and Enterprise Random Password Manager (ERPM). SCB is a best-of-breed user monitoring appliance that controls privileged access to remote IT systems, records activities in movie-like audit trails, and prevents malicious actions. ERPM is a leading Privileged Identity Management platform that simplifies the management of privileged credentials, ensuring that privileged accounts are only available to audited users on a temporary, delegated basis. Together they set a new level of best practice for Privileged Access Management, a unique approach to prevent data breaches. This post summarizes the benefits and competitive advantages of the joint solution.
Under the Hood
The simplest way to describe how the two products inter-operate is that ERPM manages the credentials and SCB manages the sessions. When SCB launches a session on behalf of a user, it reaches into the ERPM system to get the appropriate password to do so. Meanwhile, ERPM continuously rotates these passwords as they are used – even when no one is touching them – in order to ensure you are continuously protected. SCB records every session, whether initiated from a desktop client or through ERPM. The passwords of the target servers are managed centrally in the ERPM vault, while SCB ensures that the protected servers can be accessed only via SCB, since the users do not know the passwords required for direct access.
Shell Control Box and Enterprise Random Password Manager Integration
The joint solution forms an end-to-end Privileged Access Management solution which protects IT assets and meets compliance requirements. Of course, the ultimate goal is protection against today’s most dangerous threats: malicious insiders and APTs. You can monitor your high-risk users (admins, contractors, third-party vendors, etc.) without the need to give them access to privileged credentials. Users can continue to work in IT systems as usual with no disruption to their daily routine. The solution authenticates the users, impersonates the authenticated user on the target system, and transparently retrieves the credentials for accessing the system. This automatic password-retrieval process protects the confidentiality of passwords, as the users never access them. The aggressive rotation of passwords, keys and service accounts keeps privileges a moving target for attackers. In addition, all user actions are monitored and recorded – the ability to easily reconstruct user sessions allows you to shorten investigation time and avoid unexpected costs.
As a major financial provider in Turkey, Albaraka Turk has a complex IT infrastructure and has to comply with local regulations and international IT security requirements such as the PCI DSS and COBIT. To comply with these strict requirements, activities of system admins and third-party contractors accessing the bank’s IT systems should be controlled, monitored and reviewed. To achieve this they purchased the Shell Control Box and integrated it with the Enterprise Random Password Manager. The joint solution works smoothly at Albaraka without disrupting the work-flow, helping them to track privileged access and secure privileged passwords, as they are stored in a secure vault and changed after every checkout. The joint solution works fine at several other customers as well, including Merkantil Bank in Hungary and the State of Geneva in Switzerland.
- First of all, this solution is a combination of two technology-leading products. Session recording and password management are the core competencies of Balabit and Lieberman, not just afterthoughts as in the case of several PAM suites on the market.
- It’s an open, highly extensible architecture, which can be seamlessly deployed even in complex enterprise environments. You don’t need to install agents on the target systems.
- Thanks to the turnkey nature – and the out-of-the-box integration – of the products, you can deploy the solution in weeks, not months.
- ERPM provides a rapid, 100% accurate auto-discovery of accounts – you’ll get a full inventory of the shared accounts in your IT environment in minutes (!).
- The joint solution operates transparently on your network without disrupting the user work-flow – your users can continue to use their favorite client applications. It requires no modification on either the clients or the servers.
- The joint solution can prevent data breaches on the fly by supporting real-time alerts and session termination.
- The solution meets the highest quality standards in audit & forensics by delivering movie-like playback and free-text search in graphical (RDP) sessions.
The joint solution is available as a one-stop shop, implemented and supported by joint partners across the globe.
Learn more about the joint solution on Balabit’s Privileged Access Management page.
Gabor Marosvari joined Balabit in 2011. As a privileged access management specialist, he primarily focuses on go-to-market strategy, evangelizing and market intelligence of Balabit’s privileged user monitoring portfolio.