Comparative analysis of solutions to provide control and management of privileged access in the IT environment

Романюк, Олександр Миколайович and Складанний, Павло Миколайович and Шевченко, Світлана Миколаївна (2022) Comparative analysis of solutions to provide control and management of privileged access in the IT environment Електронне фахове наукове видання "Кібербезпека: освіта, наука, техніка", 16 (4). pp. 98-112. ISSN 2663-4023

[thumbnail of O_Romaniuk_ _ Skladannyi_S_ Shevchenko_CEST_4_16.pdf] Text
O_Romaniuk_ _ Skladannyi_S_ Shevchenko_CEST_4_16.pdf

Download (657kB)

Abstract

Abuse of privileges in the IT environment is defined as one of the threats to the information assets of the business at the present stage. The article examines and analyzes these problems, which are closely related to the leakage of information due to legitimate access to it and / or unauthorized access to it. Reports, research, acts, surveys at various enterprises contain a large amount of analytical and statistical materials that confirm the relevance and importance of this work. Based on the scientific literature, a review of key definitions on this issue, namely: characterized the definition of "privileged access"; the main examples of privileged access in the IT environment are considered; describes the risks and threats of information from attack vectors associated with privileged access to the IT environment. The mechanism for control and management of privileged access - RAM is presented, the steps of this process are highlighted and its expediency is substantiated. Experimental techniques allowed to choose the most applicable solutions of RAM: WALLIX Bastion PAM, One Identity Safeguard PAM, CyberArk PAM. The essence and functionality of each of these solutions are revealed. The advantages and disadvantages of each technology are established. As a result of research of technical and functional characteristics the comparative analysis of data of three decisions is carried out: obligatory components of the decision on control and management of privileged access are the manager of passwords and the manager of sessions (sessions), and additional - the module with analytics of privileged sessions and the access manager. use a VPN to access privileged assets. It can also be noted that the functionality of all products is very similar, so the implementation plays a big role, namely the practical approach during operation, internal algorithms, additional opportunities for integration and innovation. PAM solutions are recommended for organizations as a means to mitigate information security risks and threats due to insider activities of company employees who have privileged access to the IT environment.

Item Type: Article
Uncontrolled Keywords: information security; internal threats; privileged access; unauthorized access; control and management of privileged access
Subjects: Це архівна тематика Київського університету імені Бориса Грінченка > Статті у наукометричних базах > Index Copernicus
Це архівна тематика Київського університету імені Бориса Грінченка > Статті у журналах > Фахові (входять до переліку фахових, затверджений МОН)
Divisions: Це архівні підрозділи Київського університету імені Бориса Грінченка > Факультет інформаційних технологій та математики > Кафедра інформаційної та кібернетичної безпеки імені професора Володимира Бурячка
Depositing User: Павло Миколайович Складанний
Date Deposited: 14 Jul 2022 13:26
Last Modified: 14 Jul 2022 13:26
URI: https://elibrary.kubg.edu.ua/id/eprint/41521

Actions (login required)

View Item View Item