Most admin operations don't need access to full server, so they should only able to run the tools they need. That's what's known as the "Principle of Least Privilege (POLP)". There may also be situations where older, "legacy" applications are needed but can't, or shouldn't, be installed on Admin's workstations.
With the Osirium PAM Managed Application Protocol (MAP) Server, both requirements are met by using MAP as a secure gateway to access just the tools, and versions, needed by the Admins.
Legacy applications all have dependencies, be it their own Dynamic Link Library (DLL)’s, or versions of .NET and Java. Furthermore, it can be tricky or even impossible to have multiple versions of some management tools concurrently installed. Traditional approaches of using dedicated "jump box" servers shared by multiple users are resource intensive and a security risk.
MAP Server becomes a gateway to those applications only providing remote access to those applications for the users that have approved access. It's been described as a "jump box on steroids!"
The remote applications are presented on the user's desktop, in their browser. They can work with those applications just as if they were installed locally and quickly switch between remote and local applications.
The application runs in a secure environment, so it will always be the approved version and configuration. Access to those applications is controlled by the Profiles defined for the users and applications - for example, only the DB Admins access the SQL Server tools, only the website managers access the WordPress environment. All sessions can be recorded as a further level of security to record all activity with the privileged application.
Often, admins need access to different versions of management tools or utilities which are difficult to manage when each version has different (and, often, incompatible) dependencies. With remote access to all the required versions of the tools, there's no need to ensure the user's desktop has all the necessary supporting libraries for each legacy application.
Fundamental to Privileged Access Management (PAM) is managing those privileged account credentials. With Osirium MAP Server, the admin credentials are automatically injected in to the mapped application and never revealed to the user.
With MAP Server, IT now has control over who has access to which applications and the credentials that are used. They also know who has been using which systems and what they've been doing.
Ransomware attacks destroy your data and backups. Get Osirium Fast Protect for just £4,995 to stop attacks deleting your backups.
If you have any questions or want to speak to one of our representatives, please complete this form and we'll be in touch.