Identity and Access Management Solutions
Identity Access Management (IAM) is the necessary element of any reliable security, allowing companies to know who exactly accessed their sensitive data and when, as well as secure access to information preventing unauthorized sessions. In addition to user action monitoring, Ekran System features several in-built identity and access management software capabilities in order to help you organize strong authentication and thus provide better insider threat detection and prevention.
Ekran System provides its customers with three main access management tools:
Two-factor authentication – is available for any Windows server endpoint under all Ekran System licenses, including the Free one. This in-built tool allows to combine user credentials (knowledge factor) and time-based one-time password sent to an authorized user device (posession factor) to build a really strong identity confirmation process for your critical endpoints. Learn more details about our free 2FA tool.
One-time passwords – available for any Windows server endpoint under our Enterprise license, it allows to generate a unique temporary password granting server access to any user that filled up a request form during the login procedure. All requests are logged and manually processed by security experts, who decide whether to deny temporary access or not.
Secondary authentication – this feature is a part of all our licenses and is available for every Ekran System user. When turned on, with each log in procedure, if a generic login is used, the system will require a set of additional unique credentials, that should be assigned beforehand to each individual user.
Being focused on insider threat detection, Ekran System provides several in-built easy to use user access management tools, thus empowering your security strategy.
When enabled, these access control capabilities allow you to
- Protect critical end-points with advanced authentication
- Add transparency to all monitoring logs with forced individual credentials and reasoning request
- Enable live remote monitoring of all critical sessions
- Benefit from the combination of comprehensive monitoring and simple access control tools
Unlike many identity access management solutions, Ekran System has flexible and extremely cost-effective licensing, and thus can strengthen security profile of company of any size.
Our one-time password solution allows to simplify temporal credential management for large enterprises, while at the same time allowing Ekran System to clearly associate each recorded session with individual user that initiated it. It serves as an additional layer of protection for your data and an additional prevention tool to any insider threats that may exist within your organization.
Main benefits of using Ekran System one-time password are:
- Strong end-point protection with temporary access on a session-by-session basis
- No credential management required
- Each user session is approved and then can be monitored in the real-time mode (upholding four-eyes principle)
- Each video recording is clearly associated with an individual user who requested credentials
- Great for third-parties and remote subcontractors
The main purpose of our additional authentication tool is to provide a way to clearly associate each session recording with an individual user that initiated the session.
Often a single administrator account is shared between several employees in an organization. Knowing who exactly initiated each individual session allows you to quickly investigate incidents and gives complete data that can be used for audit purposes, and as an evidence in official investigations.
Main benefits of using Ekran System secondary authentication are:
- Ability to distinguish between users of a shared account
- Complete information for user action audit and monitoring
- Additional layer of protection for sensitive data
- Optional forced user actions acknowledgement
Use our server access management features to:
Identify users of shared accounts
No more faceless “admin” sessions on your critical end-points – know exactly who was working behind the generic credentials.
Add advanced access control layer to the critical end-points
Simple yet efficient Ekran System access management tools, such as one-time passwords, allow you to add one more protection layer – and control point – into your servers. With this option selected, each session will be explicitly approved and can be directly controlled.
Verify why user session was initiated
Add one more detail layer to each recorded session forcing users to explain the task for the session before it begins. It will not only strengthen your identity management system but also facilitate identity tracking and audit.
Organize work with the third-party contractors providing temporal credentials
The principle of least privilege is especially important when regulating the work of “external insiders” – third-party service providers and other contractors. One-time password technology is a simple and efficient way to organize their purpose-based access to your infrastructure without sharing permanent credentials.
Build your SME security strategy in the cost-efficient way
Ekran System combines comprehensive activity monitoring features and in-built access management solutions with flexible licensing and beneficial pricing, thus giving you an integrated solution to build your security strategy within your budget.
Integrate Identity Access Management to your security profile without thinking of the budget limitations! Our goal is to give you more with each new release.