
Mapping Sectona PAM To Help Banks Comply With Swift CSP Framework

Cyber-attack threats are ever increasing. There have been recent incidents of payment fraud in customers' local environments, and SWIFT's payment community continues to suffer from numerous cyber-attacks and breaches. For 2020, SWIFT promoted 2 existing advisory controls to mandatory and introduced 2 additional advisory controls, resulting in 21 mandatory and 10 advisory controls in the CSCF v2020. SWIFT has launched the Customer Security Programme (CSP), which aims to improve information sharing throughout the community. Through the programme, it also shares best practices for fraud detection and enhances support by third-party providers.

Clause 1 of the SWIFT CSP framework covers restricting internet access and protecting critical systems from the general IT environment. It addresses SWIFT environment protection, i.e. protecting the user's local SWIFT environment from potentially compromising elements of the general IT environment and the external environment. The framework states that the SWIFT user's environment should be completely isolated, and that there should be complete control and access restrictions over OS privileged accounts. It also emphasizes securing virtualization platforms: all virtualization platforms and virtual machines (VMs) hosting SWIFT-related components should be secured to the same level as physical systems.

The Spectra Privileged Access Management (PAM) solution by Sectona, with its hybrid access mechanism, ensures secure access to critical systems, including SWIFT infrastructure, for users connecting from internal or external environments. Spectra allows privileged sessions to be accessed over a browser to ensure true session isolation, while also allowing direct client-based access without the need for an agent on the target device. Access can also be enabled through a secure jump host for session isolation.
Spectra is a true cross-platform solution that allows users to take access from any OS and any browser without any need for plugins. Spectra PAM has strong server privilege management and access control capabilities that allow user access to be segregated based on workforce roles and responsibilities, which eliminates unauthorized access. Spectra has strong integrations with virtualization platforms and VMs, and access to these can be secured to the same effect as for physical systems.

Clause 2.6 of this framework states that the attack surface and vulnerabilities should be reduced. Complete operator session confidentiality and integrity should be maintained: interactive operator sessions connecting to the local SWIFT infrastructure should be protected from attacks and vulnerabilities. Sessions taken to the SWIFT infrastructure through Spectra PAM are completely secured, controlled and monitored through a secure mechanism that protects the confidentiality and integrity of sessions, along with MFA to access any interactive SWIFT session via PAM. In addition, the threat analytics engine within Spectra PAM calculates a composite risk score for each privileged session, which makes auditing and forensics easier and faster.

Clause 2.8 of this framework covers the outsourcing of critical activities. It states that the local SWIFT infrastructure should be protected from the risks exposed by the outsourcing of critical activities. Spectra can enable workflow-based access for outsourced activities to ensure that access to the SWIFT infrastructure is granted only after review and approval by authorized personnel.
For any critical activity where the session may need to be shared over the internet with outsourced or third-party vendors, Spectra enables a highly secure way of collaborating without revealing credentials, and generates collaborative logs that identify and record the activities that happened during the session.

Clause 2.9 of this framework states that all business transactions should be controlled. All business transactions taking place in the environment should be validated and authorized by the respective counterparties. In Spectra PAM, time-based access can be provided to users accessing the SWIFT infrastructure. This ensures that user access to the SWIFT infrastructure is authorized for a pre-decided time frame. In addition, workflow-based access can be enabled to ensure users are given access only after review and approval. Multiple levels (up to 15) of approvals can be configured in Spectra.

Clause 4 highlights the prevention of credential compromise. Clause 4.1 states that effective password policies should be in place, with passwords sufficiently resistant to common password attacks. Spectra PAM has a robust password vault that supports customizable password change policies, enabling password complexities and rotations with a wide range of combinations. Multiple password policies can be created, and they can be applied either to a single asset or to a group of assets. Spectra's Password Vault can help schedule password changes on a regular basis and set password complexities as desired. The vault is highly secure, and passwords are encrypted with either AES 256 encryption or RSA 2048 encryption.

Clause 4.2 is about multi-factor authentication. It requires preventing a compromised single authentication factor from allowing access into the SWIFT environment. Spectra is engineered to readily integrate with MFA providers such as RSA, Vasco, Safenet, Okta, OneLogin, Duo or Google Authenticator.
Alternatively, it provides proprietary in-built Mobile OTP or Push Authentication and SMS or Email OTP options for multi-factor authentication. The 2FA mechanism ensures an additional layer of security and control.

Clause 5 of this framework covers managing identities and segregating privileges. Clause 5.1 is about logical access control, i.e. access should be provided on a need-to-know basis, and duties for operator accounts should be segregated. Spectra PAM follows the principles of least privilege and segregation of duties, adding value by providing attribute-based grouping or AD grouping that can help reduce the human effort involved in user mapping based on roles and responsibilities.

Clause 5.4 covers protecting logically and physically stored passwords in the SWIFT environment. Spectra PAM has a robust password vault that supports customizable password change policies, enabling password complexities and rotations with a wide range of combinations. Multiple password policies can be created, and they can be applied either to a single asset or to a group of assets. The vault is highly secure, and passwords are encrypted with either AES 256 encryption or RSA 2048 encryption.

Clause 6 covers detection of anomalous activity to systems or transaction records. Clause 6.4 states that all security events should be recorded and that anomalous actions and operations within the local SWIFT environment should be detected. Spectra's Session Recording module completely captures logs of all privileged sessions across target systems, including access to the SWIFT environment. In addition, the threat analytics engine within Spectra PAM calculates a composite risk score for each privileged session, which makes auditing and forensics easier and faster. Spectra has an in-built Risk Scoring engine with a list of predefined plausible high-risk scenarios.
The risk levels for these scenarios can be configured to reflect the desired risk levels of the organization. The Risk Scoring engine calculates a composite risk score for each user session based on the activities in the session, which helps assess access behavior. Spectra PAM has an alert and notification engine to ensure timely alerts are sent to the concerned personnel on execution of pre-defined critical commands or activities.

SWIFT has included an extensive list of best practices to be followed; the latest version of the compliance document is available here. For those starting out with their privileged access security programs, start by targeting and identifying all privileged accounts. Leverage this list here to start your privileged access security program. The Sectona team has published an article on why running isolated privileged sessions for remote users is important; read it here.
Shruti Kulkarni May 27, 2020

Strengthening Core Security To Achieve Compliance With SAMA Cybersecurity Framework

Safeguarding the sensitive data of your digital society is one of the prime requirements for any nation. Online services are becoming strategically important for both public and private sector organizations, helping them grow a digital economy. The Kingdom of Saudi Arabia is not immune to this growing change. It proactively explores and implements a strong, immune system that can safeguard sensitive data, transactions and, most importantly, confidence in the entire Saudi finance sector. The Saudi financial sector has recognized the rate at which technology is changing and that cyber threats loom large in any situation, along with evolving risks. The Saudi Arabia Monetary Authority (SAMA) came up with a cyber security framework in May 2017 to enable financial institutions to effectively identify and mitigate cyber risks.

The main objectives of this framework are:

- To create a common approach for addressing cyber security within member organizations
- To achieve an appropriate maturity level of cyber security controls within member organizations
- To ensure cyber security risks are properly managed throughout member organizations

The requirements of this framework do not just encompass best practices suggested across various industry cyber security standards such as PCI DSS, NIST, ISF, ISO and BASEL, but also mandate adherence to some. The framework mandates and defines principles and objectives for initiating, implementing, maintaining, monitoring and improving cyber security controls in member organizations. The SAMA guidelines are very crisp and clear regarding cyber security principles and objectives. These are broken down into four domains of cyber security: Leadership and Governance, Risk Management and Compliance, Operations and Technology, and lastly Third-Party Security.
Figure 1: SAMA Cyber Security Framework Structure. Source: Cyber Security Framework, Saudi Arabia Monetary Authority, Ver 1.0, May 2017

It is well known that, regardless of the source of a cyber-attack, compromised credentials eventually lead to catastrophic damage. Correctly identifying this root cause, SAMA suggests stringent measures around user privileges, identities and access management. It has laid down a comprehensive list of control considerations for member organizations: providing need-based and controlled access to critical IT systems, discovering and vaulting critical IT systems and privileged accounts, comprehensive monitoring and logging, and enabling multi-factor authentication for all privileged users, including internal staff and third-party vendors.

Sectona PAM is Aligned with SAMA Best Practices

Sectona, with its modern and next-generation Privileged and Remote Access Management (PAM) suite, helps organizations achieve compliance with confidence.

Business Requirements for Access Control

The guidelines state that all user access must be on a need-to-have and need-to-know basis to avoid unauthorized access and (un)intended data leakage. With Sectona's Spectra Privileged Access Management, access can be controlled, defined and managed on a need-to-know and need-to-have basis. Depending on users' roles, responsibilities and need to access critical IT systems, granular access policies can be defined and password-less transparent access to IT systems over RDP, SSH and others can be enabled. This ensures that only designated users gain access, with their authorized named user IDs, and that the passwords of these privileged accounts are not shared among multiple users. Spectra PAM also lets you automate discovery across accounts and assets for easy on-boarding of accounts, significantly reducing manual effort for the IT operations team.
Furthermore, provisioning of privileged accounts adds another security layer for on-boarding additional users who need privileged access. Spectra PAM Account and Asset discovery provides an automated way of discovering IT assets across your IT infrastructure. With schedulers and automated on-boarding rules, you can obtain relevant asset information and reduce the time needed to secure privileged accounts:

- Start on-boarding VMware ESX/ESXi managed guest OS
- Automatically retrieve and list OS linked to Active Directory
- Run network-based discovery for assets across on-premise locations
- Gain complete visibility into privileged accounts and IT assets, whether on-premises or in the public or private cloud

User Access Management With Automation

The guidelines state that when managing users with changing roles or job positions, any change in external staff or third parties should be approved by the accountable party. The Spectra Privileged Access Management solution is tightly integrated with Active Directory and can allow access to users present in AD. Various roles and user access policies can be created for users. Spectra has a maker-checker facility in which any changes or modifications to user roles can be validated and approved by authorized personnel. With Spectra's attribute-based grouping policies, access provisioning to users can be automated based on attributes such as role, IT asset group, user band, etc. This reduces the manual dependence on mapping one-to-one access for each user to each IT asset and account.

Centralization of Identity and Access Functions

The guidelines state that all identity and access management functions should be centralized. Spectra PAM has a centralized web console that can be accessed from any platform and any HTML5-supported browser. Since Spectra works on a micro-services architecture, all components are embedded into one web console, which can be configured and controlled via the central management console.
This also helps when upgrading Spectra, which can be controlled centrally with a single installer.

Privileged and Remote Access Management with MFA

The guideline states that all users taking privileged access should have restricted use; MFA should be used for all remote users; MFA should be used for all privileged users taking access on critical systems, with risk assessment; all accounts must go through a periodic review; and there should be individual accountability. The Spectra Privileged and Remote Access Management solution allows creating separate policies for remote users in which they have MFA-enabled access. While defining user access policies, MFA can be enabled for all privileged users taking access. With Spectra's cross-platform and browser-based access capabilities, all users, especially remote and third-party users, can be given access to IT systems over a browser without a VPN, ensuring restricted data movement and copying of data. Learn more about securing remote privileged access without VPN here.

Spectra PAM allows creation of user policies where multi-factor authentication-based access can be enabled for user profiles handling critical and sensitive data. The Spectra PAM suite is built with robust MFA capabilities, with easy-to-implement MFA for multiple sets of users. The solution provides a range of authentication methods covering:

- Adaptive authentication for enforcing MFA based on risk scoring for user access, relying on parameters such as time-based access, device fingerprinting and access criteria based on geographic location
- Integration with leading cloud-based MFA providers such as Okta, OneLogin and Duo, helping reduce the time to implement and integrate
- Sectona Mobile, which provides MFA based on mobile soft tokens (without internet connectivity), SMS tokens and email tokens
- Out-of-the-box integration with hardware token providers such as RSA SecurID and Vasco

Monitoring, review & accountability

The guideline states that monitoring and review of privileged and remote accounts must be done while ensuring accountability. Spectra PAM has a robust session recording and session logging module that captures comprehensive details about which user accessed what system, at what time and from where, among other details. This helps establish individual accountability for privileged and remote user access. Furthermore, Spectra has an in-built Threat Analytics and Risk Assessment Engine, which calculates a risk score for every session based on user profiling and the activities carried out in each session.

The use of non-personal privileged accounts

For this requirement, the guidelines state that there should be limitations on and complete monitoring of privileged sessions, that all passwords must be confidential, and that all passwords must be changed periodically and also at the end of each session. Spectra PAM enables administrators to monitor sessions live and terminate them, with a complete audit. All passwords are stored in the robust Spectra Password Vault, which handles the complete management of passwords, i.e. rotation, verification and reconciliation. Users can define the frequency of password changes along with the desired complexities.

Conclusion

It would be safe to say that SAMA has laid down an extensive list of Identity and Access Management requirements, taking into consideration the complete security of the nation. The detailed framework document is available. Going one step further, we have also published a list of high-priority use-cases that companies must take note of and protect when it comes to securing privileged accounts. Refer to this document here. Also, for those starting out with their privileged access security programs, start by targeting and identifying all privileged accounts. Leverage this list here to start your privileged access security program.
Shruti Kulkarni April 30, 2020

Why Running Isolated Privileged Sessions For Remote Users Is Important?

More than 40 percent of top executives from the CNBC Technology Executive Council confirm that data and cyber-attacks have surged since the majority of their workforce began working from home. While many organizations are moving to define a new norm for work from home, most use a hybrid environment, and many of their on-premises components aren't going anywhere soon. As CIOs and CISOs navigate these turbulent times, keeping employees safe and running business operations is of supreme importance.

With millions of employees, including IT teams, now working from home, mistakes and human errors are bound to open the door to cyber attackers. As people continue to be a perimeter control in an organization, hackers continue to exploit vulnerabilities and focus their efforts on compromising user credentials. IT teams have been forced to run privileged activities outside the conventional IT setup. Some of these remote access processes have never been stress-tested or risk-evaluated in the past. Protecting access to these technologies is critical, as VPNs and virtual desktops become the new attack vectors for cyber attackers and the gateway to your internal networks.

Given the rapid surge of this pandemic, IT teams were not completely prepared for a massive spike in work-from-home environments. Privileged users, developers and application team users have been accustomed to working from hardened, monitored and controlled office machines. However, this wave has forced organizations to ship desktops so that employees can work from home and sustain business as usual. Some organizations have allowed access from personal devices to office environments, with or without normal VPN setups. Needless to mention, in such scenarios employee access is susceptible to unknown environmental attacks, such as attacks on the Wi-Fi network. At the same time, organizations must evaluate the risk of increasing cases of insider threats, data leakage and unmonitored access.
VPN based access or Direct Access to Cloud Servers

In normal scenarios, many internal IT users require a specific environment to operate and often access their workstations. For external users, specific access is provided to RDP or SSH sessions via VPN. VPNs normally provide the security of encrypting the traffic, with some providers adding features for a basic device health check and source country check. In a privileged access scenario, this normally means a user with a potentially unknown and possibly vulnerable machine eventually has high-privilege access to your environment. It also means that the normal controls over data movement, identity checks and audit logging are limited. Learn more on the vulnerabilities of a VPN based remote access here.

A public cloud environment is susceptible to attacks where direct server access is granted to IT teams. While this is a common scenario for test environments, a poor network configuration or misconfiguration could expose your network as a major breach hotspot.

Isolated Privileged Sessions

Isolating privileged sessions from the outside world, or from your trusted users accessing from anywhere, is an ideal scenario for planning your privileged access strategy for work-from-home users. Provisioning bastion hosts to secure your production environment (on-premise, public or private cloud) without boundaries is recommended to withstand attacks while allowing access to critical applications and assets. Managing bastion hosts such as Windows Terminal Servers often requires skills in specialized hardening parameters and network re-configuration, and raises additional licensing issues and additional user access management (if managed outside your trusted Windows domain).

Sanitize your Attack Surface with Sectona PAM's True Session Isolation

Sectona Privileged Access Management is a quick-to-deploy solution with an option for software-defined proxies for RDP, SSH and web sessions, with a pre-configured setup for allowing access using Windows Terminal Services.
It has advanced technology that seamlessly allows RDP, SSH and web sessions over TLS on port 443, enabling you to traverse corporate firewalls easily. The added control of restricting data movement and isolating the user machine that connects to your environment significantly reduces your attack surface. Know more about Sectona Privileged Access Management here.
Siddhesh Shetye April 16, 2020

De-Constructing Security Of VPN-Based Remote Access

In such unprecedented times, the entire workforce globally has been forced to work from home. While safety first is the order of the day, it has also put tremendous pressure on CISOs and security teams within organizations to test the 'safety' of their respective organizations' IT infrastructure and architecture. Needless to mention, VPN-based remote access is the way to go for most. For what it's worth, the appeal of a VPN is justified for all the right reasons, since it is cost effective, easy to use and, most importantly, gives the perception of secure remote access.

However, what is interesting is this: I was just browsing through the primary use-cases of a VPN, and the results were amusing. The top 3 use-cases I saw were:

- Bypass restrictions from ISPs & governments to browse websites of choice by hiding & masking your source IP address
- Workaround to watch streaming media such as Netflix in places that restrict viewing of content on such platforms
- Protect yourself from being logged while torrenting

Well, I know the larger intent of a VPN and how it works for organizations, especially in scenarios where a site-to-site VPN is in use. In some places, a remote VPN is used, for which end users' devices must have the VPN client installed. Yet, when I read these results today, it is amusing, as they do not come across as a compelling enough reason to opt for a VPN for securing access to critical IT systems and applications, should one not know about its use-case in IT scenarios. None of the above use-cases evidently speaks of the security a VPN can provide to an organization, or of how it can secure a user's access or protect critical data. They simply speak of the anonymity a VPN can provide while browsing over the internet or public Wi-Fi, under the pretext of safeguarding privacy, and of encrypting the traffic from the user's machine to the VPN as if the access came from the organization's private network.
Yet, are these reasons enough to make VPN the go-to solution for securing remote work from home amid this global pandemic, especially for organizations that store confidential data and allow critical access to users? Maybe not.

De-Constructing VPN Vulnerabilities

From an operational standpoint, a VPN setup is architecturally more complex and more expensive to maintain. Furthermore, it inconveniences users by requiring manual and time-consuming steps to enter credentials and initiate a session. From a security standpoint, the attack surface is much larger. Consider the scenarios below.

Scenario 1: For organizations where remote workers use personal devices and are required to access only selected applications or systems, allowing access via a VPN client may expose them to a larger attack surface. This is because the VPN client installed on the personal device gives other hitherto unknown or malicious applications on it exposure to sensitive organizational servers and systems. This is a highly risky and undesirable scenario.

Scenario 2: Let's say that, to tackle the above scenario, designated and hardened IT-managed desktops/laptops are provided to remote users for remote access. Notwithstanding the operational and cost burden of facilitating this arrangement, does it offer foolproof security? Research conducted by academics a few months ago identified a vulnerability or security flaw in specific operating systems (tracked as CVE-2019-14899) which could allow an attacker to tamper with VPN-tunnelled connections. Other research, by a group of academics from the United States and Spain, discovered a whopping 13 programming errors in 61 separate VPN systems tested. They also identified that 6 of 200 VPN services scandalously monitored user traffic. This very concept is nothing but data leakage.
Such vulnerabilities are enough for hackers to inject malware onto the remote system, intercept and compromise the credentials of high-privilege accounts and take out sensitive information. All it takes is one compromised credential to bring an organization to its knees; it is not worth the risk.

Scenario 3: With VPN-based access enabled, remote users are given access to the entire network with no restrictive control whatsoever over which systems or applications they can access. This exposes the entire infrastructure to all remote users, which again carries high risk, since the concept of controlled privileges or need-based access is left unaddressed. Furthermore, there is no proactive logging or tracking of activities or access. This could make governance much harder, given the lack of comprehensive accountability and reliance on system logs at best.

Scenario 4: VPN growth is accompanied by the need for more firewalls and other gateway or router appliances. A couple of years ago, Cisco released an alert describing a vulnerability that could allow an unauthenticated, remote attacker to cause a reload of the affected system, or cause it to stop processing incoming VPN authentication requests due to a low memory condition.

From the above scenarios, the baseline is clear: VPNs are good for users who need access to non-critical information, but for those who need access to sensitive information and systems, a VPN simply isn't enough to ensure privacy.

Adopt a VPN-Less Approach

A modern and easy-to-deploy approach is to activate a remote privileged access system. All it takes is for the organization to provide a dedicated virtual server residing within the organization's IT-managed network. The IP for this server (or a dedicated URL as defined by the IT team) should be published over the internet.
Any remote user who wishes to access the organization's infrastructure connects and authenticates through SSL-encrypted communication from the user machine to this server. Once in, password-less and role-based access can be defined for only designated applications or systems, such as RDP, SSH or critical business applications. Moreover, such access can be allowed over any HTML5-supported browser. This means the real RDP or SSH sessions open on the server residing on the organization's premises, and only a virtualized rendering of the session is emulated in the browser for the remote user. As such, for any critical session accessed, the user only sees an HTTPS-based session, which is therefore secured and encrypted. Furthermore, since a browser-based session is used, activities such as copy and paste, or extraction and download of data from the session to the end user's machine, are restricted, imposing stronger control measures.

Rest assured, all sessions initiated by remote users are completely logged and monitored, with comprehensive audit trails showing who logged in to which system, at what time, and performed what. This helps with better governance and mitigates the risks associated with uncontrolled access given to remote users, isolating the user's end machine from critical systems and the network and restricting the copying or movement of data outside the network.

Integrate VPN with an Additional Layer of Security Framework

With a VPN in place, mitigate the risks of VPN vulnerabilities by imposing an additional layer of security with a privileged remote access security technology. Instead of allowing users transparent access from the VPN to critical systems, route remote users' traffic through this privileged access (PAM) server. Allow communication from the VPN only towards the PAM server. From the PAM server, access can be better controlled and encrypted, and instead of allowing access to the complete network, dedicated need-based access to RDP, SSH and other critical applications can be defined for users.
Needless to mention, comprehensive logs and monitoring of user activities can be captured.

How Sectona Can Help Secure Remote Access

Sectona provides an easy-to-deploy Privileged & Remote Access Management solution with the advanced technology to allow VPN-less or VPN-integrated secure access for remote work-from-home users. The solution seamlessly allows RDP, SSH and web sessions over TLS on port 443, enabling you to traverse corporate firewalls easily. The added control of restricting data movement and isolating the user machine that connects to your environment significantly reduces your attack surface. Know more about Sectona Privileged Access Management here.
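The rule from "Integrate VPN with an Additional Layer of Security Framework" (VPN clients may talk only to the PAM server, and RDP/SSH to critical systems originates only from it) can be checked against firewall or flow logs. The following is an added example, not Sectona code; the address ranges, the log format and the sample records are all assumptions constructed for illustration.

```python
"""Audit connection records against the 'VPN may only reach the PAM server' rule."""
import ipaddress
from dataclasses import dataclass

# Every address and port mapping below is an assumption made for this example.
VPN_POOL = ipaddress.ip_network("10.8.0.0/24")       # addresses handed to VPN clients
PAM_SERVER = ipaddress.ip_address("10.20.0.10")      # privileged access (PAM) server
PAM_PORT = 443                                       # sessions ride over TLS on port 443
CRITICAL_NET = ipaddress.ip_network("10.30.0.0/24")  # critical systems reached by RDP/SSH
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}

# Constructed sample records: "timestamp src_ip dst_ip dst_port action"
SAMPLE_LOG = """\
2020-04-15T09:00:01Z 10.8.0.15 10.20.0.10 443 ACCEPT
2020-04-15T09:00:05Z 10.20.0.10 10.30.0.21 3389 ACCEPT
2020-04-15T09:02:11Z 10.8.0.15 10.30.0.21 3389 ACCEPT
2020-04-15T09:03:40Z 10.8.0.22 10.30.0.40 22 DROP
2020-04-15T09:04:02Z 10.8.0.22 10.20.0.10 22 ACCEPT
2020-04-15T09:05:30Z 10.40.1.7 10.30.0.40 22 ACCEPT
corrupted-record
"""


@dataclass(frozen=True)
class Flow:
    ts: str
    src: object   # ipaddress address object
    dst: object
    port: int
    action: str


def parse_line(line):
    """Return a Flow, or None if the line is not a well-formed record."""
    parts = line.split()
    if len(parts) != 5:
        return None
    ts, src, dst, port, action = parts
    try:
        return Flow(ts, ipaddress.ip_address(src), ipaddress.ip_address(dst),
                    int(port), action.upper())
    except ValueError:
        return None


def classify(flow):
    """Return (kind, message) for a flow that breaks the rule, else None."""
    allowed_vpn = flow.dst == PAM_SERVER and flow.port == PAM_PORT
    if flow.src in VPN_POOL and not allowed_vpn:
        target = f"{flow.dst}:{flow.port}"
        if flow.action == "ACCEPT":
            # The firewall let a VPN client reach something other than PAM:443.
            return ("vpn-policy-violation",
                    f"VPN client {flow.src} was allowed to reach {target}")
        # Policy held, but the attempt itself is worth reviewing.
        return ("vpn-blocked-attempt",
                f"VPN client {flow.src} tried {target} and was blocked")
    if (flow.dst in CRITICAL_NET and flow.port in ADMIN_PORTS
            and flow.src != PAM_SERVER and flow.action == "ACCEPT"):
        # An admin session reached a critical system without passing through PAM.
        return ("pam-bypass",
                f"{ADMIN_PORTS[flow.port]} to {flow.dst} came from {flow.src}, "
                "not from the PAM server")
    return None


def audit(log_text):
    """Return (findings, skipped): findings are (timestamp, kind, message) tuples."""
    findings, skipped = [], 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        flow = parse_line(line)
        if flow is None:
            skipped += 1      # count unparseable lines instead of hiding them
            continue
        result = classify(flow)
        if result:
            findings.append((flow.ts, *result))
    return findings, skipped


if __name__ == "__main__":
    results, bad = audit(SAMPLE_LOG)
    for ts, kind, msg in results:
        print(f"{ts} {kind}: {msg}")
    print(f"{bad} unparseable line(s) skipped")
```

An accepted flow from the VPN pool to anything other than the PAM server on 443 means the firewall policy has drifted; a `pam-bypass` finding means an admin session exists that the PAM session recording never saw.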
April 15, 2020

Mitigate the Risk of Credential Theft Arising from Emotet Malware

The Emotet banking Trojan works to steal vital and highly sensitive customer information by targeting banks and financial databases. Later versions are known to have introduced spamming and malware delivery capabilities, including delivery of other banking Trojans. Emotet has therefore been labeled one of the most expensive and destructive pieces of malware that can affect local and national governments in addition to private organizations. The malware has cost governments up to 1 million dollars per incident to combat its after-effects.

The Emotet Trojan uses email spamming to spread and establish itself. Emotet works by downloading or dropping other banking Trojans; thanks to its polymorphic nature, it can easily pass undetected through signature-based detection systems as well as various security layers. It uses modular Dynamic Link Libraries (DLLs) to update its capabilities, making it destructive and difficult to detect. It is also aware of whether it is running in a virtual machine and will become dormant to avoid detection within sandbox environments. It proliferates in many ways, such as through auto-start registry keys and services.

The attack spreads through malspam. Emotet will hijack your mail contacts and distribute itself by mail to those on your contact list. Once the receiver downloads the infected files, Emotet spreads. In connected networks, Emotet spreads by making use of common passwords saved by web browsers such as Internet Explorer and Mozilla Firefox. Researchers find that Emotet uses the EternalBlue exploit to proliferate rapidly across the network.

Emotet hits multiple targets (individuals, companies and governments) in the US and Europe and steals logins, financial information and crypto wallets. As the current version delivers other banking Trojans, its target audience seems to have grown wider, infecting organizations across Canada, the UK and the US.
A notable Emotet attack hit the city of Allentown, PA; the cleanup required assistance from Microsoft's incident response team and cost the city more than 1 million dollars.

Awareness of how the Trojan spreads is key to its prevention. You can also follow certain best practices to limit the effect of Emotet and other malspam, such as:

- Keeping computers updated with the latest MS Windows patches.
- Refraining from any suspicious downloads or clicking suspect-looking links. If you stop Emotet at this stage itself, it has no chance of gaining control over entire systems or networks.
- Learning and teaching about the importance of a strong password; using multi-factor authentication is extremely necessary.

Organizations and banks can protect themselves and their customers by having a robust plan and cybersecurity program with multiple layers of protection. Such a system is essential for real-time detection and remediation of Emotet attacks. In the case of an existing infection, you first need to isolate the infected computer if it is connected to a network, then patch and clean it. Then move on to clean up the other computers within the compromised network, one at a time.

Lastly, even if such malware attacks your system, you can mitigate the risk of a deeper impact by having a controlled layer of user access privileges and password management in place. This is where Sectona's Spectra Privileged Access Management solution comes into play: it manages the passwords, performs timely rotation and reconciliation as per the pre-defined password policy, and controls the access privileges given to users. It also enables the use of Multi-Factor Authentication (MFA) when granting access to your IT infrastructure for multiple sets of users.
Shruti Kulkarni August 30, 2019