What is Privileged Session Management?
July 27th, 2017
Session management is a comprehensive IT Security process to control, monitor and record administrative access to servers, databases and network devices. Properly implemented RBAC controls should include lock down based on day, date, time and location. Monitoring and recording should be fine grained enough to capture keystrokes, text/graphical screen output and mouse movements.
Organizations use session management to improve oversight and accountability over privileged accounts and credentials. Privileged session management refers to the monitoring, recording and control over privileged sessions. IT needs to be able to audit privileged activity for both security and to meet regulations from SOX, HIPAA, ICS CERT, GLBA, PCI DSS, FDCC, FISMA and more. Auditing activities may also include capturing keystrokes and screens (allowing for live view and playback).
While you can manually implement some processes – such as screen recording – integrated solutions allow you to accomplish it seamlessly and at the scale of hundreds or thousands of concurrent sessions. Moreover, some third-party solutions can provide automated workflows giving IT granular control over privileged sessions, such as allowing them to pinpoint an anomalous session, and terminate it, or alternatively pause/lock it until a determination is made that the activity is appropriate.