ConsoleWorks Privileged Interactive Access functionality provides the foundation for security and operations to the automation and integration platform. Once ConsoleWorks has knowledge of the various devices, it basically has the ability to take the place of a human in performing many of the mundane functions that may be required.
In addition to the fundamental Access features built into the core product, having access enables ConsoleWorks to perform Asset and Configuration Monitoring more comprehensively versus today’s manual processes. Once ConsoleWorks has access, it performs automated Endpoint Password Management on IT or OT assets. It aggregates any and all log files to provide true Situational Awareness by interlacing those logs, line-by-line and applying a common time stamp.
Finally, with the robust Asset and Configuration Monitoring, ConsoleWorks Patch Gap Analysis has the configuration information retrieved directly from each device – the most accurate source of the information.
Privileged Interactive Access is the power that drives the integrated functionality of the ConsoleWorks platform.
Privileged Access Management
In order to effectively secure electronic assets, access must be controlled and all activity must be automatically logged to provide a forensic record of activity performed by users, 3rd party vendors, and contractors.
ConsoleWorks controls access by allocating specific permissions/ privileges to a user based on the role-based permission model. The permission model specifies which assets a user, vendor, or contractor may access and at what level of privilege. ConsoleWorks supports command-by-command privilege grants for absolute control over electronic access.
The ConsoleWorks solution supports integration with Active Directory or LDAP server. The product was designed with the open ability to integrate its authorization/authentication services with multi-factor and other authentication technologies, as well.
ConsoleWorks is designed to minimize operational disruption and mean-time-to-repair.
- Secured Role-Based Account Control (RBAC) for asset- specific, task-based, user privileges
- Agentless, persistent monitoring ensuring no gaps in monitoring
- Capture complete recording and playback capabilities for user sessions, across RDP/VNC and even web applications.
- Scanning of incoming data streams for pre-defined text patterns such as failed login attempts
- Appropriate, customizable, log-on splash screen
- All log-ons, log-offs, and failed log-on attempts are captured, logged, and alerted
- All changes – down to the keystroke are captured, logged, and alerted
- Complete intelligence gathering, including source and account IDs, incident context, and commands executed and their results
- Centralized command and control for physical, logical and virtual console connections, Syslog messages, SNMP traps, and other streams of information
- Connections secured using SSL and SSH encryption
- All asset activity logs digitally secured for easy detection of modifications
- Color-coded logs from different information sources facilitating drill-down analyses in aggregated log views
- Events consolidated from all data sources using a common natural time, independent of asset vendor or type
- Sub-second timeframe for more insightful granularity
- Multiple users granted simultaneous remote access to a single asset
- Integrated incident recognition and response
- Complete event lifecycle management: Recognition, Notification, and Remediation
- Events prioritized by severity set initially by OEMs and 100% customizable by users
- Real-time, customizable graphs, and charts for NERC CIP audit reporting and business intelligence
EU GENERAL DATA PROTECTION REGULATION (GDPR)
GDPR Compliance for Privileged Users
The EU General Data Protection Regulation (GDPR) has been designed to protect how personal data of EU citizens is collected, processed and stored.
This requires companies to evaluate their data strategy as to how they collect and store data, who has access to the data and implement policies to ensure compliance with GDPR.
Secure and Controlled Access to Data
GDPR requires companies to implement granular controls to protect access, and set and enforce clear roles and responsibilities for access to the systems that hold personal data. ConsoleWorks Privileged Interactive Access enables companies to proactively protect their privileged credentials and secure remote access to devices and systems for inside privileged users, vendors, and contractors.
ConsoleWorks ensures that every remote access connection made by our customers, whether a privileged user connecting to a critical system or device or a help desk connecting to a user, is secure. ConsoleWorks protects critical systems and data while helping companies meet the data privacy requirements of GDPR.
- Ensure Data Protection
Control and limit access to sensitive personal data to only the privileged users’ authorized level.
- Streamline Regulatory Compliance
Automatically capture detailed audit trail that documents all session activities and credential usage.
- Simplify Audit & Reporting
Significantly reduce the time involved in collecting the data required to support an audit and producing the reports to prove compliance.