Cloud security vendor Bomgar has unveiled its new Privileged Access Management (PAM) system aimed at securing cloud users.
The system protects ‘super users’ (i.e. elite workers) a task which market analyst Gartner has dubbed Privileged Access (AKA Privileged Identity) management. Securing those with privileged identities can take months and even years to complete, according to Bomgar, and often involves an extensive structural re-organisation.
Bomgar’s new PAM system will simplify this by through its use of cloud access control, it claims. The latest incarnation of Bomgar’s PAM allows security professionals to manage any VIP worker’s privileged access to cloud resources. It will also make it possible to conduct forensic searches on access activity and to monitor access from mobiles.
With companies facing rising numbers of cyber attacks, the complexity of management is making companies vulnerable, according to Bomgar, with VIP workers being especially vulnerable targets. Under the circumstances, a virtual private network (VPN) can become a liability, according to Bomgar, since the VPN can be hijacked by increasingly sophisticated hackers who know how to target key individuals. In both the 2013 Target and 2015 Ashley Maddison cyber attacks, the VPNs of privileged users gave hackers a foothold within a secure network, according to Bomgar sources.
Bomgar’s new PAM 15.2 offers cloud access controls, so that security managers can close all unnecessary ports, while still giving users shell and remote screen access. It supports Windows, Redhat, CentOS, and Ubuntu Linux VMs powered by AWS, Azure and VMWare. Its forensic search systems can audit log activity data across all privileged sessions so that auditors can identify critical security events, detect cyber breaches and compile forensic evidence. The audit trails can now be integrated with behavioural analysis tools. Mobile access consoles now make it possible to chaperone users directly from their Android or Apple devices. The mobile apps support access to internal critical systems from 3G and other mobile networks without needing a VPN.
“Hackers are constantly probing, infiltrating and compromising networks,” said Dan DeRosa, Bomgar’s SVP of product management, “meanwhile, securing privileged identities can take months. Our system is designed for easy implementation and to support current access processes.”