Introduction to Just-in-Time Access with SSH and Database Credentials

Logo
Presented by

Haydn Johnson, Principal Security Analyst, ruby Life

About this talk

Ensuring users have access to only the resources they need, aka least privilege is great. But have you considered granting users only needed access? This talk will introduce the concept of granting ‘Just-in-Time Access’. Securing an endpoint is more than patching and vulnerability management. Granting access to who, when and what also secures an endpoint. Only when a user needs to connect to a system, can access be granted. Ports such as SSH do not need to be open for the world to connect and probe. Database credentials do not need to last forever. This approach limits the damage that can be caused by an account -- privileged or otherwise -- by reducing the amount of time an attacker has to gain access to the account, as well as the time they have to move from a compromised account before losing access. The short explanation for Just-in-Time Access is providing short-term access in real time. It is a relatively new term in the industry and is another way to practice the least privileged best practice. Key Takeaways: • The benefits to Just-in-Time access for security and operations o Improved visibility o Minimize damage from compromised accounts o Operational efficiency • How SSH can be replaced with AWS SSM sessions o Direct SSH replacement o SSH reverse proxy • How Just in Time Access for database credentials can help o Example: Hashicorp Vault o Example: Akeyless • Resources for learning more
Related topics:

More from this channel

Upcoming talks (3)
On-demand talks (605)
Subscribers (204553)
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.