Privileged accounts essentially involve significant information security risks: compromising or abuse of privileged access to the system might lead to severe financial and reputational loss of the company. The Privileged Access Management class solutions allow for organizing of password management for administrative accounts and hide these passwords from the employees. But the password management itself is not sufficient, since it does not solve the problem of privileged access abuse. It is required that every session leaves a digital “trace” that facilitates incident investigation and helps to find the problem root cause. Session recording could be such a “trace”. Record archive makes it possible to find out, where and what actions have been performed and by whom.


Task description

The tasks of session recording for privileged accounts can be formulated as follows:

  • It is required to provide for session video recording.
  • It is also required to provide for text recording of session. The record should register all the started processes, as well as all the data entered with keyboard.
  • The records must be stored in archive, along with indication of who has performed actions, account used and the resource (server) where the actions were taken at.


Solution

To solve the task, the Indeed Privileged Access Manager (Indeed PAM) software suite uses a session recorder module. The module performs session recording and stores the privileged session archive centrally.

The Indeed PAM session recorder module has the following features.

Sessions record function

  • Session recording with configurable video quality
  • Session text recording
  • Taking screenshots of sessions at regular intervals with configurable image quality
  • All recording types (video, text, screenshots) are supported for both RDP and SSH connections.

General architecture scheme of Indeed PAM to solve the session recording task is given below.



  • No labels