NEW: Microsoft Vulnerabilities Report 2022 - Read the Findings of Our Annual Report Read Now

  • Partners
  • Support
  • Careers
  • English
    • Deutsch
    • français
    • español
    • 한국어
    • português
BeyondTrust
  • Products

    Privileged Password Management

    Discover, manage, audit, and monitor privileged accounts and credentials.

    • Password Safe
    • DevOps Secrets Safe
    • Privileged Access Discovery Application

    Endpoint Privilege Management

    Enforce least privilege across Windows, Mac, Linux, and Unix endpoints.

    • Windows and Mac
    • Unix and Linux
    • Active Directory Bridge

    Secure Remote Access

    Centrally manage remote access for service desks, vendors, and operators.

    • Remote Support
    • Privileged Remote Access
    • Privileged Access Discovery Application

    Cloud Security Management

    Automate the management of identities and assets across your multicloud footprint.

    • Cloud Privilege Broker

    BeyondInsight

    Experience the industry’s most innovative, comprehensive platform for privileged access management.

  • Solutions

    Use Cases

    • Cloud Security
    • Compliance
    • Cyber Insurance
    • Digital Transformation
    • Endpoint Security
    • Operational Technology
    • Ransomware
    • Service Desk Efficiency
    • Zero Trust

    Industry Applications

    • Financial Services
    • Government Agencies
    • Healthcare
    • Law Enforcement
    • Manufacturing
    • Schools & Universities

    Solutions

    The BeyondTrust Privileged Access Management portfolio is an integrated solution that provides visibility and control over all privileged accounts and users.

  • Resources

    Learn

    • Blog
    • Customer Stories
    • Competitor Comparisons
    • Datasheets
    • Demos
    • Glossary
    • Podcast
    • Whitepapers

    Attend

    • Events
    • Go Beyond
    • Training
    • Webinars

    Support

    • Changelog
    • Professional Services
    • Technical Documentation

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

  • Company
    • About
    • Leadership
    • Core Values
    • Partners
    • Careers
  • Watch Demo
  • Contact Sales

Privileged Session Monitoring: If You See Something, DO Something

June 29, 2016

  • Blog
  • Archive

Session Monitoring

To terminate or not to terminate, that is the question…

This is the issue facing many security managers who use session monitoring to overlook administrative sessions in process. Many session management solutions allow you to terminate a live session if you see something suspicious. But the problem is that termination is destructive. While an RDP session may sometimes be reconnected, an SSH session is killed —that means that any processes or scripts that were running are no more. Perhaps this is a good thing— but what if you made a mistake? You now have potentially corrupted systems that were being updated by a totally legit script.

The main reason that many admins choose NOT to terminate is fear of killing the wrong session.

So wouldn’t it be nice if there were a way to safely disconnect a user from their administrative session without breaking anything?

BeyondTrust’s PowerBroker Password Safe has the unique capability to safely LOCK an administrator out without destruction; in fact it is currently the only product on the market with this capability. It does this by preventing the admin from interacting with their active session. A customizable message can be displayed to the admin, informing them that the session is locked - you might even add text to suggest the user calls a number for assistance. In this manner, there is no risk to blocking suspicious activity. If the activity is deemed to be correct, the security manager simply selects an unlock option to allow the user to resume their session. Of course, there is also the option to terminate the active session, as well as terminate any active session the user may have started.

So now there is NO excuse… If you SEE something DO something!

PowerBroker Password Safe provides secure session management, with the ability to proxy access to RDP, SSH and Windows, Unix & Linux Applications. Dynamic assignment of just-in-time privileges, via Adaptive Workflow Control, allow organizations to lock down access to resources based upon the day, date, time, and location. By limiting the scope to specific runtime parameters, it narrows down the window of opportunity where someone might be exploiting misappropriated credentials. For example, if you normally expect the administrator (or third-party vendor) to be logging on from particular systems, you can ensure that access is only permitted from predefined allowable address ranges. Similarly, you can set up policies to control when the accounts are accessible, and alert when specific access policies are invoked.

On top of its granular access controls, PowerBroker Password Safe ensures managed accounts have their passwords regularly rotated – every time a password is released, it can be a one-time password for security. Passwords can be regularly changed using strong and complex policies to ensure that any credential breach, whether directly by the user or indirectly via malware, has a limited window of exploitation. Several additional capabilities in the product help to mitigate the risks of administrative/third-party access:

  • Adaptive Workflow Control can route workflow to different groups according to runtime parameters.
  • Password Safe’s Application Proxy can automatically log users onto resources using managed credentials with zero exposure. Passwords may also be securely passed to any Windows, Unix, or Linux application.
  • All user activity may be recorded for later playback, and as mentioned above, real-time monitoring capabilities allow sessions to be monitored with options to remotely terminate or pause (lock) active sessions.

To learn more about about session management in PowerBroker Password Safe, request a free trial.

Photograph of Martin Cannard

Martin Cannard,

Martin has been helping organizations solve challenges in the privileged account management and identity and access management space for over 24 years. At Dell Software, Martin managed a team of Solution Architects, focused on designing and implementing solutions in the Privileged Account Management (PAM) space. Prior to joining Dell, Martin was Sr. Product Manager for Novell Privileged User Manager, a privilege management application acquired from Fortefi, an organization where he served as Vice President, Corporate Development. Prior to this, he was Program Manager of Client Technologies at Symantec where he was responsible for many ground-breaking field and channel enablement applications. Additionally, Martin managed the European QA group at Axent Technologies and has held various management positions in consulting, systems development, and operations. Martin is a regular speaker for security events, and webinars.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

Cybersecurity Insurance Checklist

Whitepapers

Privileged Access Management: PAM Checklist

Whitepapers

Azure PIM vs. BeyondTrust PAM

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support
  • Cloud Privilege Broker

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Podcast
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press
BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2022 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.