Privilege Access Management – Next Generation Jump Servers

Posted on by forteadmin in Cyber Security

The essential capability of privilege access management is the jump server access to protect organizations against advanced security attacks. As is evident from most of the recent cybersecurity attacks, the frontline for securing organizations has moved inside the enterprise and not at the network perimeter. Next generation jump server access is an important countermeasure against advanced cybersecurity attacks.

[tweetthis]As the advanced attacks continue to rise, abuse of privilege accounts becomes a critical threat to organizations. [/tweetthis]

Jump servers create a solution to separate sensitive and non-sensitive data in the organization’s internal network. As the advanced attacks continue to rise, abuse of privilege accounts is becoming a critical threat vector in many organizations. Key logging exploitation of default, noncomplex or comprise credentials have been the pivot point in most of the breaches in the recent past.

Isolation of sensitive assets and networks has become a mandatory security step to control access to sensitive data. Jump server solutions along with effective firewall rules and network segmentation help enforce a single access control point into the target servers. Next generation jump server solutions combines network isolation, control and monitoring to protect access to sensitive data and assets. The success of the solution depends on enforcing strong access control and accountability without a tradeoff on security or productivity.

PAM - Jump Servers

In layman’s term a jump server works similarly to two-door entrance to a highly secure building. You have to identify yourself to go through the first door. Only when that first door is shut, a second door opens to give you access to the building.

Below are four key jump server use cases and each of them is critical to protect the organizations sensitive data and assets from advanced cybersecurity attacks:

Use Case 1: Network separation

Network separation is the most common use case for jump servers. It isolates the less sensitive network of workstations from the more sensitive network which host servers and sensitive data. Jump servers will often be an additional security measure on top of implementing a firewall between environments. Firewalls or perimeter protection alone cannot stop the spread of malware between an infected workstation and the target server it is connecting to. Some of the examples of jump access via network separation are IT operations support staff accessing to have secure access to the production environment or MSSPs separate their own internal network from the customer’s network or network separation between the systems that need to meet PCI-DSS regulation from those that do not.

Use Case 2: 3rd Party Remote Network Access

3rd party vendors, such as IT outsourced admin staff or service providers; have to remotely access datacenter for support and maintenance. Organizations need to ensure that all 3rd party vendor access from the jump server only to the relevant servers. Additionally, monitoring what the remote vendor is doing in real-time and terminates their activity if necessary. All activities and tasks have a corresponding change management requests or support tickets in the ticketing system for a full understanding and audit trail. In addition to jump server access organizations also incorporate two-factor authentication for remote network access for all 3rd parties for a strong form of access control.

Use Case 3: Management of highly privilege built-in Unix and Windows server accounts

The key requirement that organizations have with respect to privilege access, is addressing the common compliance mandate that every user get a unique account. This is not always possible in a large organization when some accounts must be used for specific functions. There is a solution to this challenge and that is by tracking any shared privilege account usage through controlled access to the password and logging all account activities once checked out. Whether it is sensitive built-in server accounts like root in the Unix or administrator in Windows or other endpoints like databases, and network devices. Controls can be implemented to make the password unique, randomized on each server and rotated every time the account is checked out.

Use Case 4: Centralized Monitoring and Audit Trail

By acting as the single access point into a managed environment, jump servers also act as a central place for monitoring and audit. Users will login with their unique IDs and elevate to privilege access on the server by obfuscate the privilege credential from the user. This offers true accountability for the actions they take, and for the commands they run. Moreover, advance monitoring also enables capability to replay their full session, in video-like format.

Administrators’ desktops often connect to a high-risk application and data. The probability of these desktops being infected with malware has been increasing with increasing sophistication in spearfishing attacks targeted towards IT admin staff. Privileged and shared accounts are critical threat vectors in any organization and are what attackers go after to exact maximum damage.

[tweetthis]A strong defense strategy should encompass all three countermeasures – isolation, control and monitoring.[/tweetthis]

In summary, jump server is a strong line of defense to prevent the spread of malware to the sensitive assets. Organizations must start to isolate their business critical systems from standard resources to minimize the impact of a targeted attack once the attacker is within the internal network. A next generation jump server offers a balanced approach of isolation, control and monitoring. Isolation through jump server access, in conjunction with network segmentation and firewall rules. Control through enforcing user login though unique ID in conjunction with two-factor authentication. Lastly, monitoring through real-time logging of every privileged activity on sensitive business assets. A strong defense strategy should encompass all three countermeasures – isolation, control and monitoring.

Dipak is a Sr. Manager of Security Operations at The Home Depot with in depth experience leading global InfoSec programs for organizations including Coca-Cola, Home Depot, Hydro Quebec, and Dipak has Specialized in all practical categories of InfoSec including security strategy & risk, risk management, policies & standards, governance & compliance, roadmap & implementation planning.

Subscribe to Forteadvisory group news