Scribd
Upload
302 views

Privileged Identity and Access Management PDF

1) Privileged accounts within an organization's network pose a significant security risk as they can give attackers full control over the network if compromised. 2) PwC provides privileged identity and access management (PIM/PAM) services to help organizations secure, manage, and monitor privileged access in order to detect and prevent breaches of these high-risk accounts. 3) PwC's PIM/PAM services include identifying privileged accounts, designing and implementing automated access solutions, defining security policies, and providing ongoing support to help clients achieve compliance and increase operational efficiency regarding privileged access.

Uploaded by

Prasad Kshirsagar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
302 views

Privileged Identity and Access Management PDF

1) Privileged accounts within an organization's network pose a significant security risk as they can give attackers full control over the network if compromised. 2) PwC provides privileged identity and access management (PIM/PAM) services to help organizations secure, manage, and monitor privileged access in order to detect and prevent breaches of these high-risk accounts. 3) PwC's PIM/PAM services include identifying privileged accounts, designing and implementing automated access solutions, defining security policies, and providing ongoing support to help clients achieve compliance and increase operational efficiency regarding privileged access.

Uploaded by

Prasad Kshirsagar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

Privileged Identity and Access

Management
The New Cyber Battleground: Inside Your
Network (Privileged Accounts)
The new battleground for cyber attacks is not outside the perimeter, it’s actually inside
your network. With today’s advanced attacks (example malware & phishing) make it
easy to breach the perimeter. Therefore, protecting the perimeter is not an effective
You have heard this before!

strategy. Strategies must move inside the organization, assuming the attacker is already
there.

And, attacks aren’t always coming from the outside. While not as common as external
attacks, internal breaches typically have a much bigger impact (think Snowden).

Regardless of how the attack originates, once an attacker is inside the perimeter and has
access to a privileged credential (password or SSH key), the attacker (or malicious
insider) has full control of the network including desktops, laptops and servers, security
solutions, domain controllers and databases and applications. In essence, a
compromised credential means you have completely lost control of your infrastructure
and the tools you have invested in to protect the network.

And lastly, because privileged accounts are powerful and pervasive, they are an
important aspect of many compliance regulations. Failure to meet compliance
requirements can lead to brand damage and significant costs due to failed audits.
To salvage the situation, PwC has set out to help organizations frame a comprehensive
Privileged Identity & Access Management program that is aimed to detect, identify,
manage and monitor privilege access. We have deeply ingrained the below mentioned
features into each of the our services offered. The features are designed to ensure clear
identification of privileged accounts, understanding of requirements, robust design,
scalable implementations and easy tool management

1 2 3 4 5 6
How we solve it!

Scan and Understand Select, Define PIM Define/Enhance Increased


Identify Privilege Design and policies to processes for operational
Privileged Access Implement meet Privileged efficiency
Accounts Requirements PIM/PAM compliance Access
Solution

As a strategic partner to our clients, PwC is committed to provide the best of PIM/PAM
automation services from strategy to execution. Some of our key services are:
Conduct
Scan and Identify & diagnostics and
Identify Analyse recommend
Privileged Requirements
Accounts

Design , Deploy Sustenance Adapt leading


& Strategic and support practices
Implementation

We look at things a bit differently, which has help our clients achieve certain strategic
benefits through our implementations. Not only do we have the technical expertise to get
things done, but we also see the
bigger picture for our clients.
This helps us build
tailored solutions

02/08/2016

PIM/PAM Capability Brochure


PwC 2
grounded on rigorous analysis of data to create a lasting differentiated value for our
clients. We challenge conventional assumptions and bring an innovative perspective.
Some of the critical success factors are as enumerated:

How we solve it!


Executive focus Customer satisfaction
Customer experience model
Thought Recognition
leadership in industry
Understanding of Understanding the Post
Knowledge requirements big-picture implementation
base support
Constant
Attention and communication Knowledge
commitment base
Technical
Experience
expertise

Maintain forward
momentum

With more than 10+ Cyberark/ Arcos specialists in India, PwC is one of the India’s
Meet the world-class Architects

leading PIM/PAM practices. We assemble an unrivalled breadth and depth of capability


from various aspects of PIM/PAM and Cyber-security (including Strategy) to create
tailored solutions for our clients from ‘strategy through execution’. Apart from
PIM/PAM specialists, PwC India has over 300 Security experts, enabling us to meet
client’s expectations for process improvement, expert advice, quality, value, and
timeliness.

We, at PwC, believe ‘Practice maketh man’; hence we provide impetus to training and
knowledge building. Hence we have setup our own instances to conceptualize and
simulate various use-cases, integrations with different PIM tools and impart trainings.
The instances are equipped with good-connectivity, latest upgrades and commercial
tools.

Through effective collaboration across our network and sharing our knowledge, tools
and methods we can ensure we are effectively leveraging our global talent and
investments to deliver next generation market leading solutions to our clients.

Below is depiction of comprehensive controls on privileged activity.

Lock Down Isolate & Control Continuously


Credentials Sessions Monitor
Our unparalleled experience!

Protect privileged Prevent malware attacks Implement continuous


passwords and SSH and control privileged monitoring across all
keys access privileged accounts

Password Vault Privileged Session Monitor


Privileged Account
SSH Key Manager On-Demand Privileges Unix
Monitoring
Application Identity Manager & Windows

Our core strength lies in our varied and practical experience in implementing and
supporting Privilege ID management use cases on for various large complex and global
businesses. Our ability to visualize the business objectives of the client and to align the
design to drive the objectives has always put us in the forefront. Deep technical
knowledge combine with passion to serve to the best for our clients has lead to
completion of implementations in record time with optimal resources. In India, we
currently have multiple Cyberark & Arcos implementations running in tandem. These
implementations include strategy, implementation, automation, diagnostics and
sustenance.

23/08/2016

PIM/PAM Capability Brochure


PwC 3

You might also like