Kris Zupan
CEO/CTO e-DMZ Security
Agenda
• The Issue - Remote Vendor Access
• What is different between RVA and Remote Access?
• Outsourcing Influences
• Compliance
• RVA Requirements
• eGuardPost™ Discussion
• eGuardPost™ Demonstration
• Questions
The Issue - Remote Vendor Access
What is different between RVA and Remote Access?
• Remote vendors should be restricted to only the areas of the company they support. A remote vendor contracted to administer specific Unix systems should not be able to connect to other systems or resources at will.
• Remote vendors have staff who are outside the view of the company. Staff changes at the vendor may create challenges around accountability.
Outsourcing Influences
• Outsourced system administration
  • Many companies have looked towards outsourcing system administration because of the increasing complexity of system support. Keeping systems patched and protected has become a specialty.
  • Giving system-level control to an outsource provider may jeopardize the security controls already implemented.
• Outsourced development
  • Cost considerations have many organizations using off-shore or other outsourced development resources.
  • Many companies are concerned about production support risks.
• MSSPs
  • Analysts have forecast that security will become the most outsourced IT function.
  • Issues around control of controls.
Compliance
• SOX
  • Need to show that developers or system administrators did not adversely affect financial systems.
  • Many would like a centralized view of actions within their financial systems instead of system-level audit information from every host.
• GLBA
  • Demonstrate that private information is protected against system-level access.
  • Dual control as fraud prevention.
• HIPAA
RVA Requirements
1. The solution must provide granular access control, so that the remote vendor's access can be completely controlled.
2. The solution must be clientless, since most companies cannot dictate the remote client system or software.
3. The solution must provide a complete and robust session and access audit trail, so that companies can answer the regulatory questions about vendor access to protected information.
Current Approaches
1. Jump box
  • In this scenario, the vendor only has access to a few defined machines from which they initiate their sessions.
  • Pros-
    1. Defined point of entry
    2. If keystroke logging is used, a replay of the session can be provided.
  • Cons-
    1. Effort to ensure the jump box is not circumvented
    2. Only works for command-line activities
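The first con above is the one that needs ongoing work: the jump box only helps if every vendor session actually passes through it and stays within the systems that vendor supports. As an added illustration (not code from the original deck or from e-DMZ Security), the following Python script checks sshd-style "Accepted" login records against a simple policy: vendor accounts must arrive from the jump box address and may only land on their contracted hosts. The jump box address, the vendor account names, the host scopes and the log lines are all constructed for this example.

```python
import re
from dataclasses import dataclass

# Assumed address of the jump box from which vendor sessions must originate (constructed).
JUMP_BOX_IP = "10.0.5.10"

# Vendor accounts and the hosts each is contracted to support (constructed example policy).
VENDOR_SCOPE = {
    "vendor-unix": {"unix-app-01", "unix-app-02"},
    "vendor-db": {"db-01"},
}

# Matches a syslog-style sshd "Accepted <method> for <user> from <src> port <n>" record.
LOGIN_RE = re.compile(
    r"^\w{3}\s+\d{1,2}\s+[\d:]{8}\s+(?P<host>\S+)\s+sshd\[\d+\]:\s+"
    r"Accepted\s+\w+\s+for\s+(?P<user>\S+)\s+from\s+(?P<src>\S+)\s+port\s+\d+"
)


@dataclass(frozen=True)
class Violation:
    host: str
    user: str
    src: str
    reason: str


def check_login(host, user, src):
    """Return a Violation for a vendor login that breaks policy, else None."""
    if user not in VENDOR_SCOPE:
        return None  # not a vendor account; this check does not cover it
    if src != JUMP_BOX_IP:
        return Violation(host, user, src, "jump box bypassed")
    if host not in VENDOR_SCOPE[user]:
        return Violation(host, user, src, "host outside contracted scope")
    return None


def find_violations(lines):
    """Scan successful-login records and collect every policy violation, in log order."""
    violations = []
    for line in lines:
        m = LOGIN_RE.match(line)
        if not m:
            continue  # failed logins and unrelated records are skipped
        v = check_login(m["host"], m["user"], m["src"])
        if v:
            violations.append(v)
    return violations


# Constructed sample log lines (a merged view from several hosts).
SAMPLE_LOG = [
    "Mar 10 14:02:11 unix-app-01 sshd[2214]: Accepted publickey for vendor-unix from 10.0.5.10 port 50122 ssh2",
    "Mar 10 14:05:40 db-01 sshd[812]: Accepted publickey for vendor-unix from 10.0.5.10 port 50130 ssh2",
    "Mar 10 14:09:03 unix-app-02 sshd[3301]: Accepted password for vendor-unix from 203.0.113.7 port 41000 ssh2",
    "Mar 10 14:11:27 db-01 sshd[815]: Accepted publickey for alice from 10.0.8.20 port 50200 ssh2",
    "Mar 10 14:12:00 db-01 sshd[816]: Failed password for vendor-db from 203.0.113.7 port 41002 ssh2",
    "Mar 10 14:15:55 db-01 sshd[820]: Accepted publickey for vendor-db from 10.0.5.10 port 50140 ssh2",
]

if __name__ == "__main__":
    for v in find_violations(SAMPLE_LOG):
        print(f"{v.user} on {v.host} from {v.src}: {v.reason}")
```

On the sample input this reports two findings: the vendor-unix login to db-01 (a host outside that vendor's scope, even though it came through the jump box) and the vendor-unix login to unix-app-02 that did not originate from the jump box at all. Internal staff logins are ignored, and failed attempts are left to other monitoring. The check runs against the audit information each host already produces, which is exactly the per-host view the compliance slide describes as cumbersome; the point of a central solution is to collect this once rather than on every system.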
RVA Scenario
Questions