Managing risk and protecting the business requires a comprehensive security practice that covers all foundational interfaces. Human error, out-of-policy activity, and malicious insiders can compromise the very foundation the business is built on. ConsoleWorks offers organizations a single tool that can manage all privileged access in the organization, from operating systems to configuration ports.
ConsoleWorks provides the security the business needs with the transparency to prove the practice.
Role-based Access
The ConsoleWorks solution supports a robust task-based/role-based privilege model based on user-defined Access Control Rules. These Access Control Rules give administrators more granular and graduated control over what specific users can do inside ConsoleWorks and how they can utilize ConsoleWorks to access and interact with managed assets.
Privileged actors should only access those interfaces needed to perform their specific work. Role-based access and control ensures that interfaces cannot be accessed without permission, users only see the interfaces assigned. ConsoleWorks prohibits access to other components and network access to compromise the security practice.
ConsoleWorks also enables strong password implementation, access restrictions by task, by role and by policy, and user authentication internally and externally. The solution offers two communication security options, SSL and SSH, which provide for the exchange of encrypted information between the browser (SSL) or the CLI (SSH) and the ConsoleWorks server, and between the ConsoleWorks server and the managed asset (SSH).
There are no vendor limitations because ConsoleWorks is vendor agnostic. Privileged interfaces are secured with a common role-based access and control model, from switches to servers, operating systems to applications, databases to SANs, ConsoleWorks presents a unified and effective security solution.
Persistent Connection
ConsoleWorks maintains a persistent, secure connection to physical and logical infrastructure to monitor user actions, machine activity and all defined incidents worth knowing about. Various levels of physical and logical security are implemented to provide necessary – and often required – protective measures.
Standby, single user, and fault are common conditions where hardware and software are not in normal operating mode, yet those assets are still accessible through selected interfaces. In fact, these ‘abnormal’ but commonly occurring conditions almost always require someone to access a privilege interface to resolve the condition. Unlike traditional approaches to foundational security, ConsoleWorks retains its security and automatic documentation capabilities in all modes through its persistent connection capabilities.
Documentation
ConsoleWorks can control access, enforce permission models, and record down to the keystroke all privileged user activity for virtually any asset in the IT infrastructure. Automatically capturing all privileged user activity enables verification and acts as a powerful deterrent to out-of-policy behavior. ConsoleWorks empowers oversight of all changes, the instant they happen or on demand.
EU General Data Protection Regulation (GDPR)
GDPR Compliance for Privileged Users
The EU General Data Protection Regulation (GDPR) has been designed to protect how personal data of EU citizens is collected, processed and stored.
This requires companies to evaluate their data strategy as to how they collect and store data, who has access to the data and implement policies to ensure compliance with GDPR.
Secure and Controlled Access to Data
GDPR requires companies to implement granular controls to protect access, and set and enforce clear roles and responsibilities for access to the systems that hold personal data. ConsoleWorks Privileged Interactive Access enables companies to proactively protect their privileged credentials and secure remote access to devices and systems for inside privileged users, vendors, and contractors.
ConsoleWorks ensures that every remote access connection made by our customers, whether a privileged user connecting to a critical system or device or a help desk connecting to a user, is secure. ConsoleWorks protects critical systems and data while helping companies meet the data privacy requirements of GDPR.
- Ensure Data Protection
Control and limit access to sensitive personal data to only the privileged users’ authorized level. - Streamline Regulatory Compliance
Automatically capture detailed audit trail that documents all session activities and credential usage. - Simplify Audit & Reporting
Significantly reduce the time involved in collecting the data required to support an audit and producing the reports to prove compliance.
