According to the nature of the privileged account, Mr. Wang divides the privileged account into two categories: personnel privileged account and software privileged account. Among them, personnel privileged accounts include personal privileged accounts, system-defined shared privileged accounts, and enterprise-defined shared privileged accounts; software privileged accounts refer to services that remotely interact with other systems, applications, databases, or services (software-to-software). , application or software account.
For the management, operation and maintenance of these two types of accounts, Mr. Wang shared with you two mainstream methods for managing privileged accounts with PAM technology, one is privileged account and session management (PASM); the other is privilege escalation and delegated management (PEDM). ). He noted that these two management approaches have increasingly become important concerns for security and risk management leaders when selecting PAM tools.
How to control database-level privileged account access?
So, how to control the access of more fine-grained database-level privileged accounts? President Wang emphasized: When encountering database violations and malicious operations, timely behavior blocking, authority governance, and dynamic desensitization of operation and maintenance data are the keys to solving the above problems. The following functional requirements are proposed:
1. Automatic inspection of privileged accounts
2. Governance and Control of Privileged Access
3. Privileged account risk analysis
4. Database privileged identity governance
5. Protocol proxy and automatic encryption
6. Monitor and audit operational activities
What can Palladium PAM do?
Then, Mr. Wang combined with the security capability model of IPDRP to show everyone the design framework and technical advantages of the Parade privileged identity access security management platform. He pointed out that the Parade privileged identity access security management system combined with the "zero trust" security model , automatic security operation and maintenance and database identity governance, and finally solve the problems of unified security governance, centralized risk detection, transmission channel control, in-depth access control, and database operation and maintenance privileged identity governance of privileged accounts in data center infrastructure.
Finally, he shared the privileged account management solutions in different application scenarios based on the industry practical experience of Palladium's privileged identity access security management system, which was warmly supported by the participants.
So far, Palladium's trip to find a city partner · Channel Salon (Shanghai Station) has ended successfully. In the future, Palladiumwill continue to devote itself to the research and development of cutting-edge technologies for data security defense, continuously improve its own products and solutions, empower major enterprises to strengthen data security and information security, and join forces with channel partners to win a new future of data security. .
Shenzhen Station · Notice
Looking for a city partner · Channel Salon (Shanghai Station) has come to an end, and Palladium's trip to safety exchange has just begun. Cheng Songyuan, a senior consultant of Palladium, will give a keynote speech titled "Comprehensive Solution for Palladium Database Security Operation and Maintenance". At the same time, everyone is welcome to scan the code to register for the conference. Palladium is looking forward to having in-depth exchanges with all partners on the spot. , talk about safety!