In our last post, we discussed how multifactor authentication (MFA) can help secure privileged accounts. Adding a second factor of authentication, such as a physical ID card or fingerprint, can prevent hackers from using a stolen username and password to gain access to a privileged account. That’s why security experts recommend MFA and many government and industry regulations require it for remote administrator access.
So-called “jump servers” or “jump boxes” can also protect privileged credentials and help meet regulatory requirements for network segmentation. A jump server is implemented within the production network, which is separated from the IT operations network by a firewall. IT personnel connect to this highly secure machine before connecting to other servers or performing administrative tasks. Jump servers are also used to give third-party service providers and software vendors access to the production network and to provide a central repository for a privileged access audit trail.
A related concept is the secure admin workstation, a locked-down computer that admins must use to connect to production systems. Neither jump servers nor secure admin workstations should ever be used for high-risk activities such as web browsing, email, or productivity apps. These activities expose the system to malware and hacking attempts, which could lead to compromise of privileged credentials.
Jump servers have been around since the early 1990s and traditionally were homegrown systems built with available hardware. The problem with these systems is they don’t truly isolate the production environment. If hackers obtain privileged credentials, they can simply connect to the jump server, access sensitive systems, and delete log files to cover their tracks. If an insider knows the privileged credentials for the target system, there’s nothing to prevent that person from simply bypassing the jump server.
Furthermore, jump servers don’t provide true accountability, particularly if privileged credentials are shared. There’s no way to know exactly who logged in at a particular time and no way to implement granular access controls that restrict specific users to specific target systems. And while jump servers maintain log files, they don’t provide keystroke logging or command-level monitoring of privileged sessions.
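As an added illustration (not from the original post or from CyberArk), the following OpenSSH configuration shows how a target server can be made to accept administrative logins only when they arrive through the jump host, closing the bypass described above. The jump-host address 10.0.1.5, the `admins` group, the user and host names are all assumed.

```conf
# Added example: enforce the jump-host path with OpenSSH. Addresses,
# group, user and host names below are assumed, not taken from the post.

# ---- /etc/ssh/sshd_config on each production target server ----

# Before: a homegrown jump server offers no enforcement. Any host that
# can reach port 22 with valid credentials logs in directly, so the
# jump server is optional for anyone who knows the password.
#   PasswordAuthentication yes
#   AllowGroups admins

# After: keys only, and admin logins are accepted solely from the
# jump host, so knowing the credentials is not enough to bypass it.
PasswordAuthentication no
PubkeyAuthentication yes
AllowGroups admins

# Deny the admin group from every source address except the jump host.
# The pattern "*,!10.0.1.5" matches anything that is not 10.0.1.5.
# (A host firewall limiting port 22 to 10.0.1.5 adds a second layer.)
Match Group admins Address *,!10.0.1.5
    DenyGroups admins

# Log verbosely to the auth facility and forward it off-host (for example
# with rsyslog), so an intruder on the target cannot cover their tracks
# by deleting local log files.
LogLevel VERBOSE
SyslogFacility AUTHPRIV

# ---- ~/.ssh/config on the administrator's workstation ----
# ProxyJump tunnels the session through the jump host: the admin's private
# key never leaves the workstation, and the target sees the jump host's
# address as the connection source, which satisfies the Match block above.
Host jump
    HostName jump.example.internal
    User alice
Host prod-*
    ProxyJump jump
    User alice
```

With this in place, `ssh prod-db01` is routed through the jump host automatically, while a direct `ssh alice@prod-db01` from the workstation is refused even with the correct key.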
CyberArk’s Privileged Session Manager (PSM) eliminates these issues. By using PSM as a jump server, organizations can completely isolate target systems from the remote desktop. Administrators log in to the PSM server via a secure web portal (directly if internal or through a VPN if remote) and select the target system they need to access. Users will only be able to connect to systems they are authorized to log into.
The administrator’s session runs on an isolated secure proxy, preventing any malware that might be present on the desktop from spreading to the target system. Privileged credentials cannot be hijacked because they aren’t entered by the administrator or stored in the remote desktop’s memory.
All privileged sessions can be monitored in real time if malicious activity is suspected, or video can be recorded for later playback. The recordings and audit logs are saved to tamper-proof storage in a fully searchable archive that enables rapid investigation of security incidents.
Jump servers can help to isolate production systems, but legacy homegrown solutions leave security gaps. Let Clango’s CyberArk-certified engineers show you how PSM provides greater protection and accountability.
For more information about CyberArk Privileged Session Manager, please send us an email at (firstname.lastname@example.org).