22 April 2014

15 Minute Security Fix

Andy Harris

Here’s a quick security fix that reduces the risk from your team’s shared accounts in just 15 minutes.

Privileged Access Management: A Step by Step Guide

Step 1 Starting Profile

Here’s an empty PxM Platform Profile, ready to take our users and devices.

Step 2 Adding the Users

Here we add the users who share the account. These are the people who currently know the password. Note that at this stage we shouldn’t include any third parties. We’ll cover third-party access in the next 15 minute security fix.

Step 3 Adding the Device(s)

Here we add the device, system or application that the shared account belongs to. Note that we can see which account is going to be used. We also need to add the tools that users can use. In this case it’s an HTTPS browser, but for a Windows system it could be RDP (Remote Desktop Protocol). At the end of this step all the users can access the device through the shared account. However, the users still know the password, so they could bypass the PxM Platform.

Step 4 Changing the password

Now we change the password for the shared account. At this stage, only you and the PxM Platform know the password. Users in the profile can still access the device for normal work, but since they don’t know the password they cannot provide access to any third party. To complete this stage, you could store the new password in a safe. Additionally, you’ll be pleased to know that the PxM Platform has several break glass mechanisms, one of which can create a neat PDF ready for physical storage.

Job Done: That’s It

You’ve made it! You’re now on the path to Privileged Account Security.