Privileged Access Management for Secure Storage Administration: IBM Spectrum Scale with IBM Security Verify Privilege Vault
A draft IBM Redpaper publication
Updated 20 November 2020
IBM Form #: REDP-5625-00
Rate and comment
Authors: Vincent Hsu, Sridhar Muppidi, PhD, Sandeep R. Patil, Kanad Jadhav, Sumit Kumar, Nishant Singhai
There is a growing insider security risk to organizations. Human error, privilege misuse and cyber espionage are considered the top insider threats. Among them one of the most dangerous security threats beyond external hacker is the privileged user with access to critical data - the “crown jewels” of the organization. This data resides on storage and hence storage administration has become critical privilege access that can cause major security breaches and jeopardize the safety of sensitive assets. Hence, organizations need to maintain tight controls over who they grant privileged identity status to storage administration. Additional storage administration access needs to be shared with support and services teams when required. Additionally, there is a need to audit critical resource access required by various compliances.
IBM® Security Verify Privilege Vault On-Premises (Verify Privilege Vault), formerly known as IBM Security™ Secret Server, is Next-Generation Privileged Account Management which integrates with IBM Storage to ensure that access to IBM storage administration sessions is secure, monitored in real time with required recording for audit and compliance. It allows the privilege access to storage administration sessions to be centrally managed where each session can be time bound with remote monitoring, ability for remote termination as well as approval workflow for issuing the session. In this paper we demonstrate integration of IBM Spectrum® Scale/IBM Elastic Storage® Server with IBM Security Verify Privilege Vault and show how one can have privileged access management for secure storage administration.
Table of contents
These pages are Web versions of IBM Redbooks- and Redpapers-in-progress. They are published here for those who need the information now and may contain spelling, layout and grammatical errors. This material has not been submitted to any formal IBM test and is published AS IS. It has not been the subject of rigorous review. Your feedback is welcomed to improve the usefulness of the material to others.
Follow IBM Redbooks
Follow IBM Redbooks