14
October 2017

Osirium: When your biggest problems are solved, you look to the next one

Andy Harris

In one of our recent Technical Stakeholder Meetings, we were musing over the difference between what the Osirium PxM Platform is purchased for, and what our longstanding customers actually do with our products. Effectively this is the difference between winning new customers and expanding the use of our PxM Platform without existing customers.

The answer is in the title, once unauthorised access to devices and systems is completely blocked, our customers don’t need to worry about it anymore. Since we install quickly and cover privileged accounts fast, that side of security is job done tick – that’s what a good Privileged Access Management solution delivers immediately.

Then what?

Our customers start to think about all of the issues raised when ‘authorised access’ goes wrong. Humans are fallible, they issue the wrong commands to the wrong systems with the wrong parameters, and sometimes all at once.

We’ve seen the number of privileged tasks exceed the number of privileged logins on most sites where our PxM Platform servers have been running for more than six months.

There are many useful outcomes of Privileged Access Management:

  • The number of people that need login access is reduced to a minimum – that’s the Least Privilege Model delivered
  • There’s no possibility for command line mistakes in a task.
  • Human input error is reduced.
  • General system wandering (the precursor to insider attack) is blocked.

You might like to know that Privileged Task Management has always been part of the Osirium PxM Platform – it’s baked-in goodness.

Back to that Technical Stakeholder Meeting…

Of course, the answer was that our teams have to build-out both the Privileged Access Management and Privileged Task Management solutions along with session recording (Privileged Session Management) and analytics (Privileged Behaviour Management). Right now, we’re testing our concepts of:

R2P2A2

or Reliable Robotic Privileged Process Automation and Augmentation. We might not actually call it that, but it’s cool and pushes what we do to the next level. We’ve revolutionised BYOC (Bring Your Own Code) for the greater good. We’ve known for years that good IT departments have been writing their own tasks. With PTM you can transfer the logic of these into a secure environment where all the credentials are well contained and refreshed.

Now we’re looking at the concept of taking customer written code to build a secure Filofax of business tasks. So, all of that useful business logic and tricky problem solving can be held in one library and deployed to secure containers with task-in-flight instrumentation.