INTELLILINK Privileged Identity Management Solutions
Overview
With the growing number of incidents involving unauthorized use of privileged IDs (such as administrator/root) and information leakage caused by cyber attacks that target privileged IDs, proper management of privileged IDs has become an important issue that companies must address.
From the perspective of internal control and auditing as well, it is important to manage who will use, can use, and has used the privileged IDs that have full control.
iDoperation is a privileged ID management solution that supports the three operational items required for privileged ID management: "management," "lending," and "inspection." It automates everything from the appropriate lending of privileged IDs to problem detection, and realizes a safe, secure, and efficient IT operation environment.
Installation Effect
- 1. Security
- iDoperation deters fraudulent acts by privileged users and supports countermeasures against targeted cyber attacks, which have become a major threat in recent years.
- 2. Governance
- iDoperation supports the strengthening of controls such as internal controls and J-SOX audits, as well as compliance with guidelines such as FISC security standards and PCI DSS.
- 3. Cost reduction
- iDoperation helps reduce the workload of the information systems department and supports outsourcing of administrative tasks.
Strengths
1. Provides all functions required for privileged ID management
Privileged ID management requires three operational items: "administration", "lending", and "inspection".
iDoperation provides five basic functions in a single package that meets the required audit level.
2. Audit response capabilities
iDoperation provides many audit reports, such as privileged ID usage inspection reports and account inspection reports, enabling efficient audit response.
3. Architecture that does not affect the existing environment
iDoperation can be deployed without affecting existing systems because its agentless architecture does not affect the target.
There is no need to change the network of the existing environment because the client makes privileged access to the target directly.
4. Reduction of management man-hours and automation of management tasks
iDoperation reduces IT department management man-hours related to privileged ID management by automating audit response tasks such as comparing access logs and application forms, as well as periodic account management tasks, and also supports outsourcing.
5. Capable of supporting a wide variety of environments
The number of servers can be increased by scaling out to match the size of the environment.
iDoperation also supports increasingly diverse server environments, including public clouds such as Amazon Web Services (AWS) and Microsoft Azure, as well as management of servers at overseas locations.
System Configuration
iDoperation consists of the following software.
Software | Role |
---|---|
iDoperation server | Provides management screens for each function / Performs ID management and log collection |
iDoperation Client | Used for ID user login |
iDoperation SC storage server | Stores video data of screen operations |
iDoperation SC recording agent | Records screen operations |
Middleware includes IIS as the web server and SQL Server as the database server.
Example of iDoperation system configuration for small to medium scale
*If there are many operation logs to be recorded, it is recommended to configure the iDoperation SC storage server separately.
Target systems where ID management is possible
Category | Supported targets |
---|---|
OS | Windows Client / Windows Server / Red Hat Enterprise Linux / Amazon Linux / CentOS / SUSE Linux / Oracle Linux / Ubuntu / IBM AIX / Oracle Solaris / HP HP-UX |
Directory Services | Microsoft Active Directory Domain Controller |
Databases | Oracle Database / SQL Server / PostgreSQL / MySQL / IBM DB2 / HiRDB |
Virtual Software | VMware vSphere / VMware vCenter Server Appliance / Hyper-V Server |
Cloud Services | AWS Management Console (IAM) / Azure AD / Salesforce / Box |
Cloud Services (Database) | Amazon RDS for SQL Server / Amazon Redshift / Amazon Aurora PostgreSQL / Amazon RDS for PostgreSQL / Amazon Aurora for MySQL / Amazon RDS for MySQL |
Cloud Services (Directory Services) | AWS Managed Microsoft AD / AWS Simple AD |
*Each target has its own prerequisites and restrictions for use as an ID management target.