On November 12th, Miaomiao Station, Security Marketing, Looking for Urban Partners·Channel Salon (Shanghai Station) was grandly held at the Renaissance Shanghai Dragon Dream Hotel. Parady, as a star manufacturer in the security field, was invited to attend this conference, and cooperated with the Shanghai area. Partners discuss cutting-edge products in the security industry, exchange new applications of security products, share best practices of customer cases, and jointly help the rapid development of the data security industry.

At the meeting, Wang Feng, Chief Security Officer of Parady, brought you a wonderful speech on the theme of "Best Practices in Security Management of Parady's Privileged Identity Access". The solution idea of the privileged identity access security management system of Dixing products shared the actual landing solutions of Parady's industry leading customers.

At the meeting, Mr. Wang pointed out: From physical servers, virtual machines to public cloud, private cloud and 5G Internet, it is not difficult to find that traditional network boundaries are quietly disappearing, and identity has become a new boundary, among which, privileged identity is even more important. Above all, the advent of privileged identity access security management is especially important for the protection of critical IT assets.

What are the privileged accounts?

When talking about privileged account management, a topic that cannot be avoided is privileged accounts. As we all know, PAM tools can provide organizations with security privileged access management policies for critical assets, and meet compliance requirements by managing and monitoring privileged accounts and access. Different types of privileged accounts have different access rights and access paths. This requires operation and maintenance personnel to perform different privileged operation and maintenance management based on account classification.

According to the nature of the privileged account, Mr. Wang divides the privileged account into two categories: personnel privileged account and software privileged account. Among them, personnel privileged accounts include personal privileged accounts, system-defined shared privileged accounts, and enterprise-defined shared privileged accounts; software privileged accounts refer to services that remotely interact with other systems, applications, databases, or services (software-to-software). , application or software account.

For the management, operation and maintenance of these two types of accounts, Mr. Wang shared with you two mainstream methods for managing privileged accounts with PAM technology, one is privileged account and session management (PASM); the other is privilege escalation and delegated management (PEDM). ). He noted that these two management approaches have increasingly become important concerns for security and risk management leaders when selecting PAM tools.

How to control database-level privileged account access?

So, how to control the access of more fine-grained database-level privileged accounts? President Wang emphasized: When encountering database violations and malicious operations, timely behavior blocking, authority governance, and dynamic desensitization of operation and maintenance data are the keys to solving the above problems. The following functional requirements are proposed:

1. Automatic inspection of privileged accounts

2. Governance and Control of Privileged Access

3. Privileged account risk analysis

4. Database privileged identity governance

5. Protocol proxy and automatic encryption

6. Monitor and audit operational activities

What can Parady PAM do?

Then, Mr. Wang combined with the security capability model of IPDRP to show everyone the design framework and technical advantages of the Parade privileged identity access security management platform. He pointed out that the Parade privileged identity access security management system combined with the "zero trust" security model , automatic security operation and maintenance and database identity governance, and finally solve the problems of unified security governance, centralized risk detection, transmission channel control, in-depth access control, and database operation and maintenance privileged identity governance of privileged accounts in data center infrastructure.

Finally, he shared the privileged account management solutions in different application scenarios based on the industry practical experience of Parady's privileged identity access security management system, which was warmly supported by the participants.

So far, Parady's trip to find a city partner · Channel Salon (Shanghai Station) has ended successfully. In the future, Parady will continue to devote itself to the research and development of cutting-edge technologies for data security defense, continuously improve its own products and solutions, empower major enterprises to strengthen data security and information security, and join forces with channel partners to win a new future of data security. .

Shenzhen Station · Notice

Looking for a city partner · Channel Salon (Shanghai Station) has come to an end, and Parady's trip to safety exchange has just begun. Cheng Songyuan, a senior consultant of Parady, will give a keynote speech titled "Comprehensive Solution for Parady Database Security Operation and Maintenance". At the same time, everyone is welcome to scan the code to register for the conference. Parady is looking forward to having in-depth exchanges with all partners on the spot. , talk about safety!