Privileged User Monitoring

The Challenge

The Risk of Privileged Users in the Cloud

Privileged users are entrusted with permissions to perform highly sensitive operations on systems, applications, programming interfaces, and data.  As critical infrastructure and data move to cloud apps and services, the traditional controls organizations have for privileged users and administrators in the data center no longer address monitoring and privileged user management sufficiently.  More organizations are choosing to monitor privileged activity in the cloud in order to detect and respond to cyber threats and malicious insiders proactively.

For example, Amazon Web Services administrators can change the configuration of production infrastructure, replicate a virtual instance, or shutdown services – all without a complete audit trail of their actions.

In addition, industry mandates such as PCI DSS and regulations such as SOX require monitoring and logging of privileged user activity wherever it takes place.  Providing a log of changes to systems, settings, and who made those changes is a common request.


The Solution

Keeping an Eye on Administrator Activity, Separating Duties

Skyfence monitors, analyzes, and logs all privileged user activity in the cloud.  With Skyfence, organizations have a consistent global view of privileged user activity across all their cloud apps and services.  IT staff will know which users have administrative powers on cloud apps and can use Skyfence’s real-time capabilities to detect, alert, and block suspicious activity that signals a cyber or insider attack.  Skyfence standardizes logging formats across apps ensuring compliance violations are caught early and detailed reports can be provided to auditors with minimal burden on staff.

In addition, Skyfence facilitates a separation of duties between security administrators and other privileged users, a requirement for compliance and a best practice for IT security teams.

All this happens automatically out-of-the-box for all cloud apps.  There is no requirement to define and build polices for each and every app.