PSM - Privileged Session Management
Session management is a comprehensive IT Security process to control, monitor and record administrative access to servers, databases, and network devices. Properly implemented RBAC controls should include lock down based on day, date, time and location. Monitoring and recording should be fine-grained enough to capture keystrokes, text/graphical screen output, and mouse movements.
Organizations use session management to improve oversight and accountability over privileged accounts and credentials. Privileged session management refers to the monitoring, recording, and control over privileged sessions. IT needs to be able to audit privileged activity for both securities and to meet regulations from SOX, HIPAA, ICS CERT, GLBA, PCI DSS, FDCC, FISMA and more. Auditing activities may also include capturing keystrokes and screens (allowing for live view and playback).
While you can manually implement some processes – such as screen recording – integrated solutions allow you to accomplish it seamlessly and at the scale of hundreds or thousands of concurrent sessions. Moreover, some third-party solutions can provide automated workflows giving IT granular control over privileged sessions, such as allowing them to pinpoint an anomalous session, and terminate it, or alternatively pause/lock it until a determination is made that the activity is appropriate.
Vendors PSM - Privileged Session Management
F.A.Q about PSM - Privileged Session Management
What is Privileged Session Management?
Privileged session management allows security administrators to monitor, control, and audit work sessions of privileged users. The session manager provides proxy-access to all critical resources and therefore prevents direct access to those resources. A session manager is central to privileged access management (PAM) and is generally integrated with an access manager and a password manager.
Privileged session management allows you to identify suspicious or unauthorized actions and stop them in their tracks. What’s more, session management provides an unimpeachable audit trail that allows for compliance and incident investigation.
What features has Privileged Session Management?
The key features of a privileged session management solution include:
- Real-time monitoring and alerting.
- Real-time control systems.
- RDP/SSH access control.
- Authorization workflow.
- Compliance and audit systems.
Session Management: Why do you want it?
Privileged session management will allow security teams to:
- Monitor, audit, and control privileged sessions across on-premises and cloud-based applications and resources.
- Prevent insider attacks, privileged account escalation, and third-party access problems.
- Prove regulatory compliance for HIPAA, GDPR, PCI, SOX, NYCRR 500, and other regulations.
- Provide an easy-to-utilize workflow that enables the easy provisioning and de-provisioning of privileged credentials while creating 100% accountability for those privileged users.
- Revolutionize incident response by enabling both automatic response and mitigation while at the same time providing a searchable database and video record that allows for a start-to-finish post-mortem analysis.