According to the 2012/2013 Kroll Annual Global Fraud Report, the percentage of cyber-crimes committed by corporate insiders has continued to climb over the past few years, from 55 percent in 2010 to 60 percent in 2011 and more than 66 percent in 2012. (See Resources for a link.) Modern trends in enterprise computing —such as social media, cloud, mobile and device computing, and big data analytics— are making insider threats harder to identify.
Security intelligence methods offer a smart approach to combating insider threats, enabling the following foundational security elements:
- Data protection and redaction
- Security intelligence and analytics
- Privileged user monitoring
- Identity and access management
IBM Security Privileged Identity Manager can ease the burden of tracking and administering privileged identities within your organization, regardless of whether it is an authorized insider being used by a hacker, an authorized insider purposely misusing corporate data, or an outsider who has assumed the identity of a privileged insider.
Privileged Identity Manager performs five major tasks to ease the work involved in managing the security risk authorized insiders can invoke:
- Manages privileged user identities centrally
- Defines privileged roles and entitlements
- Reduces overhead and risk by consolidating privileged accounts
- Controls access and tracks usage of shared identities
- Provides automated password management
Manage privileged user identities centrally
Privileged Identity Manager lets you manage and audit privileged user identities as a pool that can be checked in and checked out by authorized people. You can add, remove, and change privileged access from a central location. It automates the single sign-on and check-in and check-out processes to simplify the process and also automates the ID approval and recertification processes. The system even enables self-service requests to help you improve productivity.
Define privileged roles and entitlements
By using automation to make it easier to define privileged roles and entitlements, Privileged Identity Manager improves productivity while strengthening security. It helps secure provisioning of privileged user accounts, provides an encrypted vault for storing privileged user credentials, and offers timed automatic check-in that gives users a limited time to use a privileged identity.
Consolidate privileged accounts
Consolidating privileged accounts is another capability that Privileged Identity Manager employs to ease management of a growing number of IDs. It enables shared access among a predefined group of users; provides single sign-on for each user in the group to a designated shared account, even as the password is updated; and allows users to request access to a privileged account using shared identity services.
Control access and track usage of shared identities
Tracking and monitoring shared and privileged identities is a critical capability of Privileged Identity Manager. It allows you to track identities through such methods as:
- Fine-grained activity logging for all identities
- The ability to capture how a privileged identity was used
- The ability to capture what a user did with a privileged identity
- A configuration that can enforce strict check-in and check-out of a pool of shared accounts
- The ability to ensure privileged identities are checked out exclusively by individual users
- The ability to record steps of authentication and privileged account actions in a detailed audit trail
Provide automated password management
And to round out the tasks, Privileged Identity Manager delivers automated password management. It automates the check-out of identities, hides passwords from the requesting employee, requires password resets upon check-in to help eliminate password theft and reuse, establishes a self-service interface for users to optionally check-in and check-out credentials and view passwords, and enables password reset to run at check-in to help ensure that passwords aren't compromised.
Tools for the next step
Privileged identity management can scale quickly into a complex, multivariate task. To ease the pain of providing a 24/7, always-on-guard, privileged-ID IT patrol, you should keep the concepts of automation and analytics in mind:
- Automation of common authentication and password management tasks, as well as automating the more urgent tracking-data-gathering and alert-generation tasks, essentially provides you with more virtual watchmen, allowing you to more fully focus on the critical and time-sensitive decision-making.
- Analytics is the basis of intelligent security: Fast analysis of massive amounts of data transactions by privileged users can identify patterns of security abuses. Analytics provides you with more virtual analysts, which strengthens your decision-making team.
IBM Security Privileged Identity Manager is designed to provide these capabilities and to get them easily integrated into your organization.
Following are some tools you can use to speed up your learning process about Privileged Identity Manager, including an accelerator that provides lots of bits of knowledge about the product and the processes involved in privileged identity management.
- The IBM Security Privileged Identity Manager product site (see Resources): Provides detailed information about the product, plus a whitepaper on the evolution of insider threats, a data sheet on how the product mitigates insider threats, a video that demonstrates how the product enables tracking of privileged users, a link to the latest IBM X-Force Annual Trend and Risk Report, and a webcast that details how to automate privileged user access management.
- The IBM Security Privileged Identity Manager Information Center (see Resources): A user guide that provides:
- A list of learning resources (what's new, accessibility features, introductory concepts, quick start and deployment guides, and IBM Redbooks® links)
- Step-by-step tasks guides (installation and configuration tasks plus troubleshooting documentation)
- Links to community discussion spaces and IBM support
- IBM Security Privileged Identity Manager on developerWorks (see Resources): Part of the accelerator library, this wiki offers a list of how-to guides that demonstrate:
- Installation and configuration for Privileged Identity Manager deployment
- Implementation of a pool of delegated administrators or help desk users who can access privileged IDs
- Implementation details for application administrators who need ad-hoc privileged access
- Implementation details for admins who need to access emergency privileged IDs
- Implementation details for applications or cron jobs that need access to privileged IDs
- Implementation details for multiple network admins who need to share single superuser account to network device
- How to automatically remove users from a role
- How to automatically reset passwords for shared accounts
- The Privileged Identity Accelerator wiki (see Resources): Offers details about IAM Business Value Accelerators targeted for IBM Security Privileged Identity Manager deployment scenarios. It provides links to the guides found in the previous entry plus video demonstrations for some of the guides.
- IAM Business Value Accelerators community (see Resources): In addition to offering a portal to Privileged Identity Manager accelerator resources, it links you to accelerator resources for IBM cloud, mobile, and compliance and governance products and processes.
- See "Significant spike in internal fraud over past year, Kroll Global Fraud Report reveals," to learn how the percentage of cyber-crimes committed by corporate insiders has continued to climb.
- The IBM Security Privileged Identity Manager product site provides detailed information about the product.
- Get more information in the IBM Security Privileged Identity Manager Information Center.
- Learn about IBM Security Privileged Identity Manager on developerWorks.
- The Privileged Identity Accelerator wiki offers details about IAM Business Value Accelerators targeted for IBM Security Privileged Identity Manager deployment scenarios.
- The IAM Business Value Accelerators community offers a portal to Privileged Identity Manager accelerator resources.
- Start your journey to implement IT security through pragmatic, intelligent, and risk-based practices at Security on developerWorks.
- Attend a free developerWorks Live! briefing to get up-to-speed quickly on IBM products and tools as well as IT industry trends.
- Follow developerWorks on Twitter.
- Watch developerWorks on-demand demos ranging from product installation and setup demos for beginners, to advanced functionality for experienced developers.
Get products and technologies
- Evaluate IBM products in the way that suits you best: Download a product trial, try a product online, or use a product in a cloud environment.
- Get involved in the developerWorks Community. Connect with other developerWorks users while exploring the developer-driven blogs, forums, groups, and wikis.
Dig deeper into Security on developerWorks
Get samples, articles, product docs, and community resources to help build, deploy, and manage your cloud apps.
Experiment with new directions in software development.
Software development in the cloud. Register today to create a project.
Evaluate IBM software and solutions, and transform challenges into opportunities.