Skip to end of banner
Go to start of banner

Local Windows Servers Connector

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »

Local Computer Privileged Identity Management

Attackers frequently target local computer administrator accounts to gain privileged access to an organization's IT network. These local admin accounts possess full access to all local resources, including databases, and pose potential audit risks concerning regulations such as SOX, HIPAA, PCI-DSS, FINMA, MAS, FISMA, and NERC. Moreover, local admin accounts can serve as a gateway to a company's most valuable network data. EmpowerID helps protect your organization by inventorying servers to discover, monitor, and control local users and groups, including local administrators. Role and attribute-based access control policies are employed to manage membership in the local administrator's group and facilitate access requests through the IAM Shop.

EmpowerID automatically rotates passwords for all privileged identities by assigning them to relevant policies. It resets passwords in the managed system through its connectors and updates the vaulted information. For Windows servers, EmpowerID delves deeper by inventorying and managing identities used for Windows Services and IIS Application Pools. Typically undermanaged, these identities' passwords often remain unchanged due to challenges in identifying their usage across systems and updating these systems when passwords change. EmpowerID automates the necessary system updates each time a password is rotated.

Managing and Recording Privileged User Sessions

Privileged accounts are crucial for daily IT operations but also represent a liability, with 62% of security breaches resulting from privileged account abuse. In a Zero Trust model, access should be minimal, granted for only short periods, proxied, and monitored if possible.

EmpowerID's Privilege Session Manager serves as a web-based gateway, offering authorized users RDP access to on-premise or cloud Windows servers without exposing the servers to actual network access. This best-practice approach prevents malware and hacking exploits that rely on network connectivity to targeted servers. Additionally, strong adaptive identity verification is enforced, and sessions can be optionally recorded as videos for later compliance investigation or verification. The privileged credential's password remains hidden from the end-user, eliminating the potential for sharing or misuse.

Windows Server Compliance and Recertification

EmpowerID streamlines the audit process for your infrastructure team. The sprawling and dynamic nature of virtual machine environments can pose significant challenges for auditors, making it difficult to demonstrate who has local system access to critical systems during a certification process. EmpowerID simplifies this proof by maintaining an up-to-date audit and offering complete control over Windows Server access across all cloud and on-premise environments. Built-in attestation policies enable rapid periodic recertification of local computer group memberships, expediting the auditing process. Risk-based separation of duties policies also allows you to define toxic combinations of access, facilitating detection and remediation if discovered.





  • No labels