Shulou(Shulou.com)06/01 Report--

First, the implementation of privileged account management system needs to cooperate with the problem 1. A good implementation plan must be deeply in line with the current situation of the enterprise.

A good implementation plan should do detailed research and design from the beginning, rather than tinkering slowly after implementation. Privileged account management involves enterprise history management, position mutual exclusion, regulatory requirements and so on. Only after in-depth evaluation and research can we design the implementation plan that best meets the needs of customers.

two。 Security control tools can not run healthily without the management process.

A good safety industrial control tool needs to be integrated into the original IT management organization of the enterprise, and must cooperate with effective management measures in order to give play to the maximum value. Therefore, the implementation of the privileged account management system should have an in-depth understanding of the enterprise's IT management structure, job responsibilities and management culture, and design a comprehensive and perfect implementation scheme of privileged account management.

Second, our practice 1. Evaluation of the status quo of privileged account management:

Conduct in-depth research and analysis, from the current situation of the business system, the current situation of operation and maintenance personnel, machine and equipment accounts and other aspects of research and analysis, combined with the regulatory regulations faced by customers and industry best practices, sort out the relationship between the core system, the cross-management of operation and maintenance personnel and the mutual exclusion of job responsibilities, machine and equipment historical account problems and places that do not comply with safety standards. It provides the basis for the further design of the technical scheme of the privileged account.

Products of this stage:

"Evaluation report on the current situation of privileged account Management"

Business system Association Diagram

"staffing and post responsibilities of operation and maintenance"

"system and equipment account list"

Analysis report on the Mutual exclusion of Regulatory requirements and posts

two。 Policy formulation of privileged account management:

On the basis of the basic materials of the investigation and analysis in the above stage, we deepen the design of the technical scheme of privileged accounts, formulate the management strategy of privileged accounts, the functional design of the roles of privileged accounts, and the permission matrix of privileged accounts. refine the relationship and operation process of the mutually exclusive relationship between system / account / authority / user / approving personnel / department / post / post Formulate the corresponding relationship between the job and the system authority and the principle of mutual exclusion, and make specific authority management provisions for specific posts, so as to provide a basis for the strategy formulation and implementation of the privileged account management system.

Products of this stage:

"Design Scheme for deepening the Management of privileged accounts"

"function Design of privileged account roles"

"privileged account approval permission Matrix"

"account naming rules and password policies"

3. Implementation of operation and maintenance management norms for privileged accounts:

On the basis of the customer's SDLC development process, operation and maintenance management norms, and the original account application and approval process, the operation and maintenance management norms of the privileged account management system are integrated and implemented. Through the study of the existing management norms of customers, the system document for the whole life cycle management of privileged accounts is worked out, which covers the intervention points and specific work of the operation and approval personnel of nodes such as development, testing, operation and maintenance, middleware, database and server, to ensure the good operation of the privileged account system after it is online.

Products of this stage:

"Management Specification for Operation and maintenance of privileged accounts"

"rules for reviewing the use of privileged accounts"

Haiyi Security privilege account Security Management system xuhaoping@haiyisec.com

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.