by Jasmine Chennikara-Varghese
With billions on the line, organizations have been aggressively protecting critical data against rogue users and devices. While best practice security measures dictate the need for identity and access management, server hardening and network access control, a layer of defense is typically missing in the cyber ecosystem — deep visibility into the data and applications you are protecting. It is vital for enterprises to have real-time awareness of application activities in order to accurately detect threats against their crown jewel assets.
Ever wonder what your employee, vendor or business users and devices are doing with your critical data and applications? Which endpoint devices are accessing applications using privileged accounts? Is the same account being accessed from multiple locations and devices simultaneously? Are some admin accounts searching through a lot of data? Are they creating or deleting sensitive data?
What does all this really mean to your business? Sometimes these are innocuous, run-of-the-mill activities associated with the user and their job role. Other times they could be a potential indicator of a disastrous data breach. With visibility into those activities, your job as a security analyst, business process owner and CISO becomes easier.
Greenlight has partnered with Cisco ISE to boost visibility and protection of your crown jewel assets. The Cisco and Greenlight integration connects the dots between the active user devices in your network and the user activities in your applications. Cisco Identity Services Engine (ISE) provides a centralized security policy management platform that automates and enforces network access to endpoint devices based on rules and policies. Greenlight Security Risk Analytics monitors actual user activities and transactions on critical business applications, bridging the gap in visibility within your cyber ecosystem.
Greenlight integrates with Cisco ISE via the Cisco Platform eXchange Grid (pxGrid) which is a layer on top of Cisco ISE enabling information exchange. With Cisco ISE/pxGrid, Greenlight’s transaction monitoring data is enriched with network information, providing more visibility and insight into the users and devices involved in critical transactions. For example, you can leverage the combined intelligence of Cisco and Greenlight to identify superadmin account logins from a vendor’s laptop. You can also detect high-risk activities, such as access of 10K sensitive data records, and quarantine the offending user device as a preemptive measure against potential data breaches.
Sensitive and critical data is being accessed, updated, created, reviewed and approved across billions of transactions, millions of users and hundreds of diverse applications. The best way to protect your cyber ecosystem is a layered defense approach with security measures and monitoring at multiple levels. The Greenlight integration with Cisco ISE/pxGrid, accelerates identification and mitigation of risky users. Learn more about how Greenlight Security Risk Analytics and Cisco ISE/pxGrid can help protect your business.
Click here to view the Greenlight and Cisco Webinar Are Authorized Devices Doing Bad Things to Your Business?