Securing Oracle¢® Infrastructures with PowerBroker y Malicious insider (privilege abuse): Users (employees,
Securing Oracle¢® Infrastructures with PowerBroker y Malicious insider (privilege abuse): Users (employees,

Securing Oracle¢® Infrastructures with PowerBroker y Malicious insider (privilege abuse): Users (employees,

  • View
    0

  • Download
    0

Embed Size (px)

Text of Securing Oracle¢® Infrastructures with PowerBroker y Malicious insider (privilege abuse):...

  • The “crown jewels” for most organizations, and indeed most hackers, is the database server. Protecting the database is priority number one for security and operations teams alike. Gaps in security and weaknesses in processes can put many organizations at risk as they try to balance efficiencies against operational impact. While proper configuration and timely patching can help address platform vulnerabilities, they do not address the three common database attack vectors being used today:

    y Brute force attacks against weak or default passwords: Oracle environments are often put at risk when weak, or common, usernames and passwords are used across the infrastructure – or when passwords are infrequently changed. Once credentials are compromised, attackers can siphon sensitive data from the organization via custom malware and other malicious techniques.

    y Privilege compromise: Successfully compromised legitimate accounts that have database access are difficult to detect.

    y Malicious insider (privilege abuse): Users (employees, contractors, or service providers) abuse legitimate data access privileges for unauthorized purposes.

    From a risk perspective these privilege attacks are especially dangerous in environments where database users are given excessive permissions that exceed the requirements of their job function and where weak database audit policies are in place.

    Although databases and their contents are vulnerable to a host of internal and external threats, it is possible to dramatically reduce the attack vectors. By specifically addressing these threats you can tighten security controls and meet the requirements of the most regulated industries in the world.

    FIVE COMMON SIGNS OF ORACLE ACCOUNT SECURITY RISKS

    1. Default or common passwords are not configured correctly

    2. Credentials are shared across multiple database servers

    3. Passwords remain unchanged for excessive periods of time

    4. Privileged sessions are unmonitored

    5. No accountability controls exist for outsourced DBAs

    Any of these scenarios can set your organization up for a serious data breach. Fortunately, there is a simple and effective way to tighten controls and enhance the security of your database systems against account-based risks while maintaining audit controls and reducing operational impact: privileged password management with PowerBroker® Password Safe.

    Securing Oracle® Infrastructures with PowerBroker Privileged Password Management and Privileged Session Management

    Key Differentiators

    NETWORK-BASED ASSET DISCOVERY

    Scan, identify, and profile all users and services; automatically onboard systems and accounts under management, speeding time to value.

    DYNAMIC RULES & ASSET GROUPINGS

    Build Smart Rules to trigger alerts or auto provision based on system categorization, speeding time to resolution.

    SIMPLIFIED SSH KEY MANAGEMENT

    Schedule SSH key rotation and enforce granular access control and workflow.

    UNIFIED PASSWORD AND SESSION MANAGEMENT

    Use a single solution for both password management and session management, lowering cost and complexity.

    AGENTLESS SESSION MANAGEMENT

    Utilize native tools including Microsoft® Remote Desktop and PuTTY to connect to systems without the need for Java.

    APPLICATION PASSWORD MANAGEMENT

    Get control over scripts, files, code, and embedded keys by automatically eliminated hard-coded or embedded credentials.

    ADVANCED WORKFLOW CONTROL

    Add context to workflow requests by considering the day, date, time, and location when a user accesses resources.

    THREAT ANALYTICS & REPORTING

    Leverage a central data warehouse to collect, correlate, trend, and analyze key threat metrics; customize reports to meet specific needs.

  • AUTOMATED PRIVILEGED PASSWORD MANAGEMENT FOR ORACLE

    PowerBroker Password Safe is an automated password and privileged session management solution offering secure access control, auditing, alerting ,and recording for any privileged account. Password Safe strengthens database security by:

    1. Ensuring no host environment or server has a default password for admin accounts

    2. Guaranteeing each host environment or database server has a unique complex password

    3. Automatically rotating passwords based on age and usage

    4. Limiting administrative access and communications to authorized individuals

    SECURING ORACLE ACCOUNTS WITH POWERBROKER PASSWORD SAFE

    Password Safe secures privileged accounts across your enterprise environment, including:

    y DBAs, service accounts, operating systems, network devices, databases (A2DB), and applications (A2A) accounts

    y Local or domain shared admin accounts across physical and virtual host environments

    y Personal admin accounts (in the case of dual accounts)

    y SSH keys, cloud, and social media accounts

    PowerBroker Password Safe enables you to secure Oracle infrastructure with complete control and audit all privileged account access.

    y Discover all database servers, and verify that no default passwords exist on any device

    y Manage all Oracle databases using PowerBroker Smart Rules, and store a unique password for each device

    y Automatically rotate each device’s password based on age or after each admin

    y Provide a complete workflow for device access, including an approval process for administrative access

    y Database session management enabling database access without disclosing administrative credentials

    y Achieve DB session control including lock, terminate, and over the shoulder monitoring

    y Report on all privileged credentials requested and used

    y Native integration with Oracle Enterprise Manager workflow to orchestrate password changes using extensive API support

    y Flexible application level control to lock privileged sessions to specific DBMS tools (TOAD, Squirrel, SQLdev, etc)

    y Record and playback all privileged sessions to document and review device changes

    y Detect abnormal device and credential access, and receive alerts, via advanced BeyondInsight® Clarity threat analytics

    EXTEND ORACLE SECURITY WITH BEYONDTRUST LEAST PRIVILEGE SOLUTIONS

    PowerBroker for Unix & Linux least privilege solutions enable you to further harden your Oracle infrastructure. These solutions reduce the risk of privilege misuse, especially when third-party tools and other applications are required to manage the database infrastructure. With PowerBroker, you can eliminate local admin privileges, enforce least-privilege policy, maintain application access control, and keystroke all log privileged activities. © 2016 BeyondTrust Corporation. All rights

    reserved. BeyondTrust, BeyondInsight and PowerBroker are trademarks or registered trademarks of BeyondTrust in the United States and other countries. Oracle, and other marks are the trademarks of their respective owners. June 2016

    The PowerBroker Privileged Access Management Solution

    The BeyondTrust PowerBroker Privileged Access Management Platform is a modular, integrated solution that provides visibility and control over all privileged accounts and users. By uniting capabilities that many providers offer as disjointed tools, the platform simplifies deployments, reduces costs, improves system security, and reduces privilege risks. Solutions include:

    y Server Privilege Management: Control, audit, and simplify access to business critical systems.

    y Enterprise Password Security: Provide accountability and control over privileged credentials and sessions.

    y Endpoint Least Privilege: Remove excessive user privileges and control applications on endpoints.

    CONTACT

    North America Tel: 800.234.9072 or 480.405.9131 info@beyondtrust.com

    EMEA Tel: +44 (0)1133 970445 emeainfo@beyondtrust.com

    APAC Tel: +65 6701 8267 apacinfo@beyondtrust.com

    CONNECT

    Twitter: @beyondtrust Facebook.com/beyondtrust Linkedin.com/company/beyondtrust www.beyondtrust.com

    mailto:emeainfo@beyondtrust.com https://twitter.com/BeyondTrust https://www.facebook.com/BeyondTrust http://www.linkedin.com/company/beyondtrust http://www.beyondtrust.com