Visibility (identifying and managing devices on the network) and privilege (who can securely access a device with the proper rights and authorities) are critical to cybersecurity. However, gaining visibility and controlling privileges have been challenging for security professionals.
Security solutions vendor BeyondTrust addresses that challenge with its Endpoint Privilege Management suite of tools that bring visibility and control to a plethora of networked devices, including the burgeoning ecosystem of the Internet of Things (IoT). Endpoint Privilege Management enforces least privilege and eliminates local admin rights, providing granular control over the who, what, when, where, and even the why of access.
A Closer Look
In today’s networks, most privileges are assigned manually and err on the side of granting more rights than necessary. BeyondTrust addresses the shortcomings of privilege assignment by automating the process and restricting privilege until there is an appropriate need, essentially a just-in-time approach to privileged access management (PAM) that eliminates the specter of improperly assigned rights.
Initial setup of the product is wizard driven but can be quite daunting to those unfamiliar with Active Directory, LDAP, or other forms of directory management. Installation and configuration are best left to technicians who fully understand user and device security, as well as connectivity to cloud services.
The product offers numerous setup scenarios, ranging from on-premises and cloud deployments to integration with IT service management packages, and beyond. However, once configured, additional deployment, management, and policy definition are intuitive, making it easy to discover connected endpoints and deploy necessary agents to those endpoints.
In BeyondTrust’s nomenclature, an endpoint can be pretty much any device connected to the network, including servers, Windows workstations, Macs, Linux devices, IoT devices, firewalls, and switches. Simply put, if the device uses a privileges-based model for access, it is an endpoint.
The product offers automated discovery of attached devices and mechanisms to deploy agents to those devices. The agents work in concert with platform policies to define the lowest level of privileges for a device, and then elevate those privileges when a legitimate access request comes in.
Legitimacy is a key concept here, one that is determined using multiple tools that provide checks and balances to ensure that a device or user is who or what they claim to be, and then to verify the need for access.
That concept applies to administrative privileges as well. Typically, administrators are assigned full control and elevated rights. While that can ease management chores, it does introduce potential security vulnerabilities, such as stolen credentials or administrators taking credentials with them when they leave the organization. BeyondTrust combats those issues with enforcement of least privilege and the elimination of local administrative rights.
The browser-based Privilege Management Console offers shortcuts to functions in plain English. From the console, administrators can discover devices, define policies, change settings, perform audits, and execute tasks. For the most part, administrators will spend their time defining policies, which dictate device access and privileges. It is also important to note that the product offers a full audit trail, where everything is logged, making it much easier to conduct forensics, validate policies, and support compliance requirements.