Isiqulatho[Fihla][Bonisa]
Kwimibutho, ii-asethi zinikwa amalungelo angagqibekanga, athi emva koko agcinwe ngamaqela e-IT.
La malungelo, nangona kunjalo, anokuba yingozi enkulu kumbutho kuba abarhwebi banokusebenzisa iiakhawunti ezinelungelo elinxulumeneyo ukufumana iziqinisekiso ezibalulekileyo kunye nokusebenzisa kakubi la malungelo.
Iinkampani zinokubeka inkqubo yolawulo lwe-akhawunti yelungelo elikhethekileyo (PAM) ukusingatha lo mba. Abaphathi be-IT banokubeka iliso kwaye balawule iiakhawunti ezinelungelo ngaphakathi kwintlangano ngoncedo lwesisombululo esihle sePAM. Esi sisombululo sinokuphunyezwa njenge-cloud-based, i-SaaS, okanye i-software ye-premise.
Imigaqo-nkqubo yokufikelela okuncinci (i-LPA), enika abasebenzisi ukufikelela okuncinci okufunekayo ukugqiba imisebenzi yabo, inokuphunyezwa njengenxalenye yesisombululo se-PAM sokuncedisa ukunciphisa ingozi.
Ke, iyeza linokunceda ekuthinteleni zombini iingozi zangaphakathi kunye nezangaphandle. Ukuthintela imeko enzima ngolo hlobo, kufuneka usebenzise inkqubo yolawulo lofikelelo olunelungelo.
Kweli nqaku, siza kuvavanya ulawulo lofikelelo olunelungelo kunye nokhetho olungcono olukhoyo.
Ke, yintoni uLawulo loFikelelo oluVunyiweyo?
Indlela yokhuseleko eyaziwa ngokuba yilungelo lolawulo lofikelelo (i-PAM) yenza ukuba imibutho ilawule kwaye ibeke iliso kwimisebenzi yabasebenzisi abanethamsanqa, kubandakanywa ukufikelela kwabo kwiinkqubo zoshishino ezibalulekileyo kunye nento abanokuyenza xa besayine.
Uninzi lwamashishini ahlela iinkqubo zawo ngokweendidi ezisekelwe kwindlela iimpembelelo ezinokuthi zibe yingozi ngayo xa ulwaphulo okanye uxhatshazo lwenzekile.
Amanqanaba olawulo okufikelela kwiinkqubo ezikumgangatho ophezulu abonelelwa ngeeakhawunti ezinelungelo, ezinje ngolawulo lwesizinda kunye neeakhawunti zezixhobo zothungelwano, ngokuxhomekeke kwiidigri eziphezulu zeemvume.
Nangona kukho izicwangciso ezininzi zokulawula amalungelo, ukusetyenziswa kwelona lungelo lincinci, elichazwa njengokunciphisa amalungelo okufikelela kunye neemvume kubuncinci obufunekayo kubasebenzisi, iiakhawunti, izicelo, kunye nezixhobo zokwenza imisebenzi yazo egunyazisiweyo rhoqo, yinjongo ephambili. .
I-PAM ithathwa ngabahlalutyi abaninzi kunye neenjineli njengenye yezona ndlela zibalulekileyo zokhuseleko zokunciphisa umngcipheko we-cyber kunye nokwandisa imbuyekezo kwinkcitho yokhuseleko.
Abathengisi bezisombululo zolawulo lofikelelo olukhethekileyo bancedisa abalawuli ekulawuleni ukufikelela kwimithombo yenkampani ebalulekileyo kunye nokuqinisekisa ukhuseleko lwezi nkqubo zikumgangatho ophezulu. Iinkqubo zoshishino ezibalulekileyo zikhuselwe ngolu hlobo lokhuseleko olongezelelweyo, olukwakhuthaza ulawulo oluphuculweyo kunye nokuthotyelwa kwemithetho yedatha.
Lusebenza njani ulawulo loFikelelo oluKhethekileyo?
Ngokuqinisekileyo! Isisombululo se-cybersecurity esibizwa ngokuba yi-Privileged Access Management (PAM) siphuhlisiwe ukubeka iliso kunye nokunciphisa ukufikelela okunelungelo kwiinkqubo ezibalulekileyo, idatha, kunye nezicelo.
Ngokusisiseko, inceda imibutho ekuqinisekiseni ukuba ngabantu abagunyazisiweyo kuphela abanikwa ukufikelela kwiinkcukacha ezibuthathaka kunye neenkqubo kwaye olu fikelelo luyalandelelwa kwaye lulawulwe.
Imisebenzi ye-PAM ngokubeka uthotho lwamanyathelo okhuseleko anenjongo yokuthintela ukufikelela okungagunyaziswanga kwiiakhawunti ezikhethekileyo. Oku kufezekiswa ngokumisela imithetho enyanzelisa ukuba abasebenzisi babonelele ngobungqina bokuchongwa, bagqithele kwi-multi-factor authentication, kwaye bagqibezele iinkqubo zokucela ukufikelela phambi kokuba bavunyelwe ukufikelela kwii-akhawunti ezikhethekileyo.
Iinkqubo ze-PAM zibeka esweni umsebenzi womsebenzisi emva kokuba ukufikelela kunikwe kwaye kubonelele ngee-alamu xa kukho nayiphi na indlela yokuziphatha ethandabuzekayo. Oku kungabandakanya ukugcina umkhondo wayo yonke indlela yokuziphatha komsebenzisi, ukubona naziphi na iintsingiselo ezingaqhelekanga, kwaye ngoko nangoko ukwala ukufikelela kuye nabani na owaphula imimiselo yofikelelo.
Ngokuzenzekelayo inkqubo yokujikeleza kwephasiwedi, ukunyanzelisa imimiselo enzima yephasiwedi, kunye nokubonelela ngombono ophakathi kwazo zonke ii-akhawunti ezinelungelo kwintlangano, iinkqubo ze-PAM zinokunceda imibutho ekulawuleni ii-akhawunti ezinelungelo.
Izisombululo zoLawulo loFikelelo oluVunyiweyo (PAM).
1. ManageEngine PAM360
Kumashishini anqwenela ukudibanisa i-PAM kwimisebenzi yabo yokhuseleko, i-PAM360 sisisombululo esibanzi. Ngoncedo lweempawu zokudityaniswa kweemeko zePAM360, unokwakha i-console ephakathi edibanisa amacandelo ahlukeneyo enkqubo yakho yolawulo lwe-IT ukwenzela ulungelelwaniso olunzulu phakathi kwedatha yokufikelela okunelungelo kunye nedatha yenethiwekhi iyonke, eyenza izigqibo ezinengqiqo ngakumbi kunye nokulungiswa ngokukhawuleza.
Akukho tshaneli yokufikelela ikhethekileyo kwizinto zakho ezibalulekileyo eziphuncukileyo kulawulo, ulwazi, okanye ukubeka iliso kwi-PAM360. Ibonelela ngevault yokuqinisekisa apho unokugcina iiakhawunti ezikhethekileyo ukwenza oku kwenzeke.
Le vault ixhasa uguqulelo oluntsonkothileyo lwe-AES-256, ulawulo lofikelelo olusekwe kwindima, kunye nolawulo oluphakathi. I-PAM360 ithintela ukufikelela kumalungelo aphakamileyo eakhawunti yesizinda kuphela xa abasebenzisi bewafuna ngokwenene. Iimvume zirhoxiswa ngokuzenzekelayo kwaye iziqinisekiso zisetwa kwakhona emva kwexesha elimiselweyo.
Ukongeza ekulawuleni ukufikelela okunelungelo, i-PAM360 yenza ukuba abasebenzisi abanelungelo baqhagamshele kwimikhosi ekude ngokucofa nje okukodwa, ngaphandle kwemfuneko yee-ejenti zesiphelo okanye i-plug-ins yesiphequluli. Eli nqaku libonelela ngothungelwano loqhakamshelwano oluhamba nge-password-free, iigeyidi ezifihliweyo ukunika inqanaba eliphezulu lokhuseleko.
namaxabiso
Amaxabiso eprimiyamu esoftware aqala kwi-7,995 yeedola.
2. Cyberark
Esinye sezabelo zentengiso ezinkulu ze-PAM zibanjwe yiCyberArk, ebonelela ngenqanaba loshishino, izisombululo eziqhutywa ngumgaqo-nkqubo ezivumela amaqela e-IT akhuseleke, abeke iliso, kwaye alandelele umsebenzi weakhawunti onelungelo.
Isisombululo sabo seCore Privilege Access (PAS) sibonelela ngeeakhawunti ezinelungelo lokhuseleko olunamanqanaba amaninzi kwaye lubandakanya ngaphezulu kwe-500 "ngaphandle kwebhokisi".
Ukufumana ufikelelo olukhethekileyo, iCore PAS isoloko ibeka iliso kwinethiwekhi.
Ngokuxhomekeke kwimigaqo-nkqubo yenkampani, amaqela e-IT anokugqiba ukuba ajikelezise ngokuzenzekelayo iiakhawunti kunye neziqinisekiso okanye ajonge iinzame zokufikelela ngokuzongeza emgceni. Iziqinisekiso zokufikelela kwi-asethi ezibalulekileyo zigcinwa zahlukeneyo kwindawo ekhuselekileyo, enciphisa umngcipheko wokuvezwa kweziqinisekiso.
Amaqela e-IT anelungelo lokuzikhethela ukurekhoda nokuphicotha iiseshoni ezithintelweyo kwindawo efihliweyo kusetyenziswa iphaneli yolawulo ephakathi. Abalawuli banokujonga amaqhosha athile kunye nezenzo ezirekhodwe ngexesha lokudlala kwakhona ividiyo kwaye bahlale bejonge kuyo nayiphi na ihambo ekrokrisayo.
I-Core PAS inqumamisa ngokuzenzekelayo okanye iyiphelise iseshoni yelungelo ukuba ukuziphatha okukrokrisayo kufunyenwe, kuxhomekeke kwinqanaba lomngcipheko. Ekunqunyanyisweni okanye ekuyekisweni, ukujikeleziswa kwengqinisekiso ngokuzenzekelayo kuqinisekisa ukuba abasebenzisi abangagunyaziswanga okanye abachaphazelekileyo ngaphakathi kweeakhawunti abanakukwazi ukufikelela kwakhona kwisistim.
Ngokukhetha kwiindawo, ifu, kunye nokuthunyelwa kwe-SaaS, isisombululo se-CyberArk sinokusetyenziswa ngumbutho, kungakhathaliseki ukuba ziphi na kwinkqubo yokufuduka kwamafu.
namaxabiso
Nceda uqhagamshelane nomthengisi ngexabiso layo.
3. StongDM
Endaweni yezisombululo zokugqibela, iStrongDM ibonelela ngeqonga lokufikelela kwiziseko ezingundoqo ezixhasa zonke iiprotocol. Ngummeli odibanisa ukuqinisekiswa, ugunyaziso, ukubonwa, kunye nobuchwepheshe bothungelwano kwiqonga elinye.
Iinkqubo zemvume ye-StrongDM yemvume yesabelo zenza kube lula ukufikelela kunokuba kukhawuleziswe ngokunikezela ngokukhawuleza kunye nokurhoxiswa kwegranular, ukufikelela kwilungelo elincinci ngokusebenzisa ulawulo olusekelwe kwindima (RBAC), ulawulo olusekelwe kwi-attribute-based access (ABAC), okanye ukuvunywa kwe-endpoint kuzo zonke izibonelelo.
Ukukhwela komqeshwa kunye nokuphuma kwibhodi kunokugqitywa zombini ngokucofa kanye. Ukusebenzisa iPagerDuty, Amaqela eMicrosoft, kunye neSlack kwimisebenzi ebalulekileyo ngoku inogunyaziso lwexeshana lofikelelo olukhethekileyo.
I-StrongDM ikunika amandla okudibanisa nawuphi na umsebenzisi wokugqibela okanye inkonzo kwimithombo ethile abayidingayo, naphi na apho banokuba khona. Ukongeza, i-bastion hosts kunye nokufikelela kwe-VPN kuthatyathelwa indawo yi-zero-trust networks.
I-StrongDM inikezela ngeendlela ezahlukeneyo zokuzenzekelayo, ezifana nomthamo wokondla izingodo kwi-SIEM yakho, zibandakanya ulawulo lokufikelela kwinkqubo yakho yangoku yokuthunyelwa, kwaye uqokelele ulwazi malunga noluhlu lokuhlolwa kwesatifikethi, kuquka i-SOC 2, i-SOX, i-ISO 27001, kunye ne-HIPAA.
namaxabiso
Unokuzama iqonga kunye nesilingo sasimahla seentsuku ezili-14, kwaye amaxabiso eprimiyamu aqala ukusuka kwi-70 yeedola / umsebenzisi / ngenyanga ngesivumelwano sonyaka.
4. JumpCloud
I-Open Cloud Directory Platform esuka kwi-JumpCloud idibanisa ngokukhuselekileyo abasebenzisi abanelungelo kwiinkqubo ezibalulekileyo, iinkqubo, idatha, kunye nothungelwano. IJumpCloud inika iiakhawunti ezikhethekileyo ukubonakala kunye nokulawula ngokupheleleyo.
Inyanzelisa ukuqinisekiswa okuqinileyo, ivumela abalawuli ukuba bafune uQinisekiso lwe-Multi-Factor Authentication (MFA) phambi kokuba ufikelelo luvunyiwe, kwaye inzalelwane idityaniswe nesakhono sethu sokungena (i-SSO), ivumela abalawuli ukuba baseke imigaqo-nkqubo echanekileyo elawula ukuba zeziphi izixhobo ezinelungelo leakhawunti kunye nomntu ngamnye. abasebenzisi banokufikelela ngezazisi zabo.
I-password eyomeleleyo kunye nolawulo lweSitshixo se-SSH lolunye uphawu lwe-JumpCloud Open Directory Platform eyenza abalawuli baseke imida echanekileyo kubunzima bamagama ayimfihlo kwiiakhawunti ezikhethekileyo kwaye bafumane izaziso xa la magama agqithisiweyo sele eza kuphelelwa okanye ekujoliswe kuwo kuhlaselo lwamandla akhohlakeleyo.
Ngoncedo lweempawu zolawulo lwesixhobo seJumpCloud, abalawuli banokulumkisa abasebenzisi abanelungelo lokujikeleza iipassword zabo ngamaxesha amiselweyo, athi ke ahlaziye amagama agqithisiweyo kunye nokufikelela kuzo zonke izixhobo zabo zeMacOS, Windows, kunye neLinux ngokuzenzekelayo.
Oku kwehlisa umngcipheko wamagama ayimfihlo angatshintshiyo, ukukhohlisa, kunye nezinye iindlela ezisetyenziselwa ukujolisa kubasebenzisi abakhethekileyo.
namaxabiso
Unokuqala ukuyisebenzisa simahla kunye nezibalo zexabiso leprimiyamu ukusuka kwi-2 yeedola/umsebenzisi/ngenyanga.
5. I-ARCON
Izisombululo ze-ARCON zokulawula umngcipheko zenzelwe ukukhusela idatha kunye nobumfihlo ngokulindela iimeko ezinobungozi, ukukhusela imibutho kuloo mingcipheko, kunye nokukhusela iziganeko ukuba zenzeke.
Kwenza kube lula ukuba amaqela okhuseleko aqeshwe ngamashishini akhusele kwaye alawule ii-akhawunti zamalungelo ubomi babo bonke.
Ikhusela kuzo zombini uhlaselo lwangaphakathi usebenzisa iziqinisekiso ezikhethekileyo kunye nolwaphulo-mthetho lwe-cyber oluvela kumaqela angaphandle. Utshintsho oluqhelekileyo lwegama lokugqitha luyazenzekela kusetyenziswa ivault ye-ARCON ekhuselekileyo.
Amagama ayimfihlo anamandla, aguquguqukayo anokufikelela kuphela ngabasebenzisi abagunyazisiweyo ayenziwa kwaye agcinwe kwivault. Ukufikelela kwi-vault, abasebenzisi kufuneka basebenzise i-multi-factor authentication (MFA).
Ukuba inkampani ifuna ukongeza amanqanaba obungqina ongezelelweyo kwi-vault, i-ARCON ibonelela nge-software-based based-time-password-time-password (OTP) ukuqinisekiswa okunokusetyenziswa ukuqinisekisa iinkcukacha zabasebenzisi.
Ngenxa yokhuseleko lwe-MFA, i-ARCON | I-PAM iyakwazi ukwenza ukungena ngemvume okukodwa (i-SSO) ukufikelela kuzo zonke iinkqubo ezibalulekileyo ngaphandle kokufuna ukuba abasebenzisi baveze ulwazi lwabo lokungena.
Ngenxa yoko, inkqubo yokungena isebenza ngakumbi, kwaye idatha ebalulekileyo ikhuselwe kumngcipheko wokuvuza kwephasiwedi.
namaxabiso
Nceda uqhagamshelane nomthengisi ngexabiso layo.
6. heimdal
NgeHeimdal Privileged Access Management, abalawuli benkqubo banakho ukwamkela ngokukhawuleza okanye ukukhaba izicelo zokunyuka kwamalungelo.
Amaqela e-IT anokuyila ngokupheleleyo imekobume yawo ngokuhambelana neemfuno zeshishini ngelixa egcina ixesha elibalulekileyo kunye nemali ngokuphuhlisa ngokuzenzekelayo imibhobho yokuvunywa kwesicelo ehambelana nemithetho ebekiweyo kunye nemiqobo.
Amashishini angakwazi ukufezekisa ukuthotyelwa kwe-NIST AC-5 kunye ne-AC-6 ngokubandakanya isisombululo se-PAM ye-Heimdal kwisiseko.
Abasebenzisi banokufikelela kumzila opheleleyo wophicotho-zincwadi ngokunyuka okuneenkcukacha kunye nedatha yokwehla ekhoyo kangangeentsuku ezingama-90 kusetyenziswa uLawulo lokuFikelela okuLungelelweyo. Ukongeza, abalawuli banokukhawulela umbono wabo wolwazi olufakiweyo ukuhlangabezana neendlela ezahlukeneyo, kubandakanya izicelo, abasebenzisi, kunye nokunye.
Okokugqibela kodwa kuncinci, kubalulekile ukuqaphela ukuba i-Heimdal Patch kunye noLawulo lwe-Asethi kuphela kwamalungelo ukunyuka kunye nesisombululo sogunyaziso kwimarike esohlisa ngokukhawuleza izicelo ukuba ingozi ifunyenwe. Oku kwenziwa kube nokwenzeka ngokudibanisa iPAM kunye nezinye iimveliso ze-Heimdal suite, ngokukodwa i-Antivirus ye-Next-Gen ye-Heimdal.
namaxabiso
Ungayizama ngenguqulo yayo yesilingo sasimahla kwaye nceda uqhagamshelane nomthengisi ngamaxabiso ayo.
7. Foxpass
Ulawulo loFikelelo oluLungelelekileyo lweFoxpass luzenza ngokuzenzekelayo uthungelwano kunye nofikelelo lweseva, lukhusela iinkqubo zoshishino ezibalulekileyo ngelixa ukhulula umthwalo kwizixhobo zeqela le-IT.
Abathengi banokukhawuleza baqwalasele umbulelo wabo wokhuseleko kubuchule benkqubo bokunxibelelana ngokungenamzamo nazo naziphi na iinkqubo zangoku kumbutho, ezifana neenkqubo zeposi zelifu kunye neenkqubo ze-SSO.
Ulawulo oluzisebenzelayo lwezitshixo ze-SSH, amagama ayimfihlo, kunye ne-MFA iyafumaneka kunye nolawulo lweFoxpass Privileged Access. Ngojongano olulula, abalawuli banokuchaza iimfuno zephasiwedi.
Ukongezelela, isisombululo sibonelela nge-API epheleleyo enokuthi i-admins isebenzise ukulawula ukufikelela kwiseva, ukuguqula ulwazi lomsebenzisi, kunye nokulawula ubulungu beqela.
I-API igcina umkhondo wazo zonke izicelo zokuqinisekisa ukuze abalawuli babone ngokulula ukuba ngubani ongena kwiinkqubo ezibalulekileyo. Ezi zigodo zingasetyenziselwa ukubonisa ukuthotyelwa.
I-Foxpass PAM inokuhambisa umqondiso omnye kwi-stack yesicelo esipheleleyo sombutho, isusa imfuno yamagama ayimfihlo, ngenxa ye-LDAP ebanjwe ngamafu kunye ne-RADIUS. Kweli nqanaba, abalawuli banokongeza i-MFA yokhuseleko olwandisiweyo kunye nokuloga kwi-LDAP kunye nezicelo ze-RADIUS zokufunyanwa kunye nokusabela okuzenzekelayo.
Ukhuseleko lomgangatho woshishino lubonelelwa sisisombululo sePAM sikaFoxpass, esikwanokwehla kakhulu kwaye sifikeleleke kokubini kwizakhiwo nakwilifu. Ukongeza, iqhagamshela ngokutyibilikayo kunye nezicelo ezikhoyo zomntu wesithathu ezifana neMicrosoft 365 kunye Indawo yokusebenzela kaGoogle.
namaxabiso
Ungayizama ngenguqulo yayo yesilingo sasimahla seentsuku ezingama-30 kwaye amaxabiso eprimiyamu aqala ukusuka kwi-3 yeedola/umsebenzisi/ngenyanga.
8. ulwandlalo
Isoftware yolawulo lofikelelo olunelungelo oluvela kwiDelinea yenzelwe ukunceda amashishini ekulawuleni nasekukhuseleni ukufikelela kwezona nkcukacha zogcino-lwazi lwamashishini abucala, ii-apps, i-hypervisors, izixhobo zokhuseleko, kunye ne-hardware yenethiwekhi.
Izama ukwenza ukufakela kunye nokusebenzisa usetyenziso kube lula kangangoko. Ishishini lenza lula iimveliso zalo ukwenza imida yofikelelo lula ukuyichaza. Izisombululo zePAM zikaDelinea zilula ukuzisebenzisa, ukuqwalasela, kunye nokulawula ngaphandle kokuncama ukusebenza, nokuba kukwilifu okanye kwiimeko zendawo.
I-Delinea ibonelela ngokhetho olusekwe kwilifu oluvumela ukufakwa kwizigidi zeekhompyuter. Umphathi weLungelo leedesktops kunye ne-Cloud Suite yeeseva ezenza esi sisombululo.
Ichonga iikhomputha, ii-akhawunti, kunye neenkqubo ezineemvume zomlawuli kwiindawo zokusebenza kunye neeseva ezibanjwe ngamafu ngokusebenzisa uMphathi weNgcaciso.
Nokuba iikhomputha ezikhethekileyo zesizinda zinokuyiqhuba. Inokusingatha amalungelo ngokuzenzekelayo ngokuchaza ubulungu beqela lendawo ngokusisigxina kwaye ijikelezisa ngokuzenzekelayo iziqinisekiso zamalungelo angengowabantu ngokuchaza imithetho.
Ngokucofa nje okumbalwa, unokunyusa, ukwala, kwaye unciphise ii-apps usebenzisa iwizadi yepolisi. Isixhobo sokunika ingxelo esivela kuDelinea sikwabonelela ngedatha ebanzi malunga nokuthotyelwa kwamalungelo amancinci kunye neenkqubo ezithintelweyo yi-malware. Ukongeza, ibonelela ngoqhagamshelo phakathi koMphathi weLungelo loMphathi weLifu kunye noHlalutyi lokuziphatha oluLungelelweyo.
namaxabiso
Nceda uqhagamshelane nomthengisi ngexabiso layo.
9. Ngaphandle Kwethemba
Inkokeli yemarike kulawulo lofikelelo olunelungelo yiBeyondTrust. Banikezela ngezisombululo ezahlukeneyo zesiphelo, iseva, ifu, i-DevOps, kunye neemeko zesixhobo senethiwekhi ezenza amanqanaba aphezulu okubonakala kunye nokhuseleko.
Ngaphandle kwesidingo se-VPN, isisombululo se-BeyondTrust's Privileged Remote Access sivumela ulawulo kunye nophicotho lokufikelela kwilungelo langaphakathi nangaphandle. Nokuba ziphi na, abasebenzi banokuba nemveliso enkosi kwesi sisombululo, esikwathintela abasebenzisi abakhohlakeleyo ukuba bafikelele kwiinkqubo ezibalulekileyo zeshishini.
Amagama okugqithisa agcinwa kwindawo ekhuselekileyo esekwe kwilifu kwisixhobo sombane ngokuFikelela kwiNdawo eLungelelweyo. Njengenye indlela, iBeyondTrust's Password Safe, ehanjiswa njengesoftware, idityaniswe nesi sisombululo.
Ngalo naluphi na ukhetho, iBeyondTrust iyakwazi ukutofa iziqinisekiso ngokukhuselekileyo ukusuka kwivault ukuya kwiseshoni. Olu phawu lwaziwa njengenaliti yokuqinisekisa. Oku kuthetha ukuba abasebenzisi abanakuze baveze iziqinisekiso zabo ngelixa bengena.
Izixhobo ezomeleleyo zokubeka iliso nazo zibandakanyiwe kwinkqubo, kwaye imisebenzi yokulandelela kunye nophicotho zonke ziyafumaneka kwi-interface enye.
Abalawuli banokwenza imvume kunye nesetingi yesaziso ngokusesikweni ukufumana izaziso xa umsebenzisi efikelela kuFikelelo oluLungelelweyo lweRemote.
Abalawuli banokuzamkela izicelo zofikelelo kwaye bajonge ukusetyenziswa kwezixhobo zabo eziphathwayo ukusuka naphi na ngenxa yezi zilumkiso 'zobuhlobo obukude bomsebenzi.
Ukusetyenziswa kwee-akhawunti ezinelungelo kunokujongwa kwakhona kwaye kulandelelwe ngamaqela e-IT, anokubonelela ngeengxelo ukubonisa ukuthotyelwa, ngenxa yeendlela zophicotho olucokisekileyo kunye neseshoni ye-forensics.
namaxabiso
Nceda uqhagamshelane nomthengisi ngexabiso layo.
10. Umnxeba
Isixhobo soLawulo loFikelelo oluKhethekileyo (PAM) esibizwa ngokuba yiTeleport sijonge ukunika ukufikelela ngokukhuselekileyo kwiziseko zoncedo ezibalulekileyo kubasebenzi, iikontraki ezizimeleyo, kunye nababoneleli beqela lesithathu.
Ngale ndlela, zonke iziseko zophuhliso ziya kufikeleleka kubaphuhlisi besoftware kunye nee -apps abazivelisayo ngeqonga elinye.
Eli qonga lilodwa libanga ukuba linciphisa umngcipheko wokuphulwa kokhuseleko ngokucutha iindleko zokusebenza kunye nokuhlaselwa kweendawo ngelixa ukhulisa imveliso kunye nokuqinisekisa ukuthotyelwa kwemigangatho. Le ndlela yomthombo ovulekileyo ithatha indawo yeziqinisekiso ekwabelwana ngazo, iiVPNs, kunye neendlela zakudala zokulawula ukufikelela kwilungelo.
Yayiyilelwe ngokukodwa ukubonelela ukufikelela okuyimfuneko kwiziseko zophuhliso ngaphandle kokuphazamisa umsebenzi okanye ukunciphisa imveliso yabasebenzi be-IT.
Iinjineli kunye neengcali zokhuseleko zinokunyusa isixhobo esinye sokuqhagamshela kwiLinux kunye neeseva zeWindows, amaqela eKubernetes, idatabase, kunye nezixhobo zeDevOps ezifana neCI/CD, ulawulo lwenguqulo, kunye needashbhodi zokubeka iliso.
Imigangatho evulekileyo isetyenziswa yi-Teleport Server Access, kuquka izitifiketi ze-X.509, i-SAML, i-HTTPS, kunye ne-OpenID Connect. Abaqulunqi bayo bagxininise ekufakeni ngokulula kunye nokusetyenziswa kuba ezi ziziseko ze-positive amava kunye nomgaqo-nkqubo owomeleleyo wokhuseleko.
Ngoko ke inamabini amabini kuphela: i-agent ye-Teleport, enokuthi ifakwe kuyo nayiphi na iseva ye-Kubernetes okanye i-cluster enomyalelo omnye, kunye nomxhasi apho abasebenzisi banokungena khona ukuze bafumane izatifikethi zexeshana.
namaxabiso
Ungasebenzisa inguqulelo yorhwebo esimahla kuye wonke umntu kwaye nceda uqhagamshelane nomthengisi ngexabiso leshishini.
isiphelo
Ukuqukumbela, amaqonga oLawulo lokuFikelela okuLungileyo (i-PAM) zizisombululo ezibalulekileyo zokukhusela ukufikelela kulwazi olubuthathaka kunye neziseko ezingundoqo ezibalulekileyo.
Izisombululo zePAM zinika amashishini amandla okulawula kunye nokubukela ukufikelela okukhethekileyo, ukunciphisa ingozi yokuphulwa kwedatha, ukuhlaselwa kwe-cyber, kunye nezisongelo zangaphakathi.
Imibutho inokulawula kwaye igcine umkhondo weeakhawunti ezinelungelo usebenzisa iqonga lePAM, elikwanyanzelisa imida yokufikelela kwaye linikezela ngombono ophakathi kuyo yonke imisebenzi yokufikelela okunelungelo.
Ezi zisombululo zinokuthi zinyanzelise ubunzima imimiselo yegama lokugqitha, yenza ulawulo lwegama lokugqitha inkqubo, kunye nokubonelela ngokubeka iliso ngexesha lokwenyani kunye nokunika ingxelo.
Amaqonga e-PAM akhawuleza abe yinxalenye ebalulekileyo yesixhobo se-cybersecurity ngenxa yokunyuka kohlaselo lwe-cyber kunye nokwaphulwa kwedatha.
Shiya iMpendulo