“MasterSAM Secure @ Windows is so much powerful and yet non-intrusive to the operating system, gives me the flexibility to control system object access effectively. This is a perfect least privilege enforcement model that fulfils the security and operational needs.”
- Senior Operation Manager, Government Industry
Windows based systems are commonly found in most of the organizations. Most of the time enterprises are using Microsoft Active Directory as a main identity infrastructure solution. Global statistic shows that close to 90% of desktop operating system market share belongs to Microsoft Windows. Due to its popularity, it has raised the interest level for hackers to plan for a series of exploits against Windows based desktop and create harmful damage to the organizations. In addition, we often heard that those common cybersecurity attacks such as Pass-the-Hash, Ransomware, etc. are much more vulnerable at Windows based platform.
In a typical enterprise environment, system administrators will demand for full administrative rights onto the operating system in order to support their day-to-day administration and maintenance. Worse still, some of them are granted with Domain Administrators rights which allow them to access the entire domain servers easily across the network. This group of users is always the main target for attackers, once compromised, the damage is rather huge. On the other hand, database administrators would also aim for administrator’s credential to help them performing some operating system administrations such as start/stop certain service, besides using Windows Authentication to login to database. Again, this is creating a huge security vulnerability and it fails big time in compliance. To mitigate the risk of exploits on administrator privilege, it is recommended that organizations further restrict the usage of local & domain administrator, come out with a strategy to control application/program effectively with whitelist/blacklist rules.
Is that possible one can login to Windows server at different ways, besides using the traditional and native client called mstsc.exe? The answer is – YES. Regardless how strong your network control is, you can never rule out the possibility of someone that tries to login at the console level, or leap-frogging with multiple hops.
MasterSAM Secure @ Windows is designed for organizations to enforce least privilege principle and apply stringent granular access control over critical system objects. Its surveillance engine provides full transparency and accountability, ensures that each access to the server – regardless the methods of login, either with privilege or normal rights, it is subject for monitoring and control.