NGPAM Methodology and Principles

Privileged users access control, security, ease of operation, restricted access within the least privilege required

 

Policy-Based Access Control (PBAC)
We know exactly
who wants access
where is being connected to
how interaction with the target systems is arranged
when it is allowed to do

Zero Standing Privileges (ZSP)
Zero standing privileges eliminates the static object of attack - personal privileges of administrators - implementing Just-In-Time approach user's privileges are elevated only for the time of the job.

Security by Design
Security requirements are considered and controlled at every stage of the Software Development Lifecycle (SDLC) - from design to final testing

  • Modular architecture allows critical data processing isolation in a context inaccessible by user

  • Protected data exchange format between systems’ components

  • Privileged credentials do not leave the secure environment of remote execution, preventing any leakage by design

  • Users receive privileged access only within the context of current business task (Job Order mechanism)

 
 
Space_PAM_Web_SRC_bg_who_06.png

NGPAM core key features

 
 

Storing credentials and maintaining their full lifecycle

  • Credentials for access to IT systems are stored in sPACE and are not exposed to users

  • Credentials are automatically injected when a session starts

  • sPACE maintains the full life cycle of stored credentials (assignment, rotation, revocation)

Automating privileged access for employees and contractors

  • A workstation with a web browser and RDP-client is sufficient for access, including remote access

  • Access is being provided in a secure environment

Adopting the least privilege principle  

Access is being provided for a specific job at a specific time (Just-in-time principle)

Recording user activity

  • Generating session logs

  • Recording user screens

  • Keystrokes logging

Audit of user actions

  • View and export records of completed sessions

  • View current sessions online

  • Interruption of current sessions, if necessary

Support for two-factor authentication

  • Support for two-factor authentication

  • Integration with Google Authenticator

Internal system monitoring

Monitoring the status of system’s modules

 
Space_PAM_Web_SRC_pure_w_bg.jpg
Schemes
Secupace Workflow
Secupace Workflow

Download .PDF

Secupace Architecture
Secupace Architecture

Download .PDF

 

NGPAM GUI key features

 
 
 

Management

  • Access Agreement

  • Role model

  • Terms and Schedule of Access

  • Privileged credentials management

Monitoring & Control

  • Single Sign-On

  • Two-factor authentication

  • User activity logging

  • Suspicious session termination

  • Password policy compliance

Investigation & Audit 

  • Active session monitoring

  • Completed session review

  • System status monitoring

Space_PAM_Web_SRC_pure_w_bg.jpg

Product delivery options

 
 
  Subscribtion One- off Perpetual License
NGPAM Core Edition    
NGPAM Enterpise  
NGPAM Engine Edition (laaC)
 
 
Space_PAM_Web_SRC_pure_w_bg.jpg