Gulf Air improves access management with Wallix
Wallix AdminBastion provides airline with real-time monitoring and access to video recordings of sessions
Gulf Air has implemented a privileged user management solution from Wallix, a European software company specialising in access, traceability and audit products.
The solution, Wallix AdminBastion, has provided Gulf Air with improved data security, thanks to its upgrade of the company's internal IT access arrangements, the two companies said in a statement. This, they said, minimises the risk of data leaks and provides oversight on IT services with no system disturbance.
Gulf Air said that it chose Wallix AdminBastion for its ability to provide real-time monitoring capabilities, immediate access to video recordings of these sessions and comprehensive auditing to meet compliance requirements. With an agentless design, AdminBastion does not inhibit the performance of overall data centre services, meaning Gulf Air can maintain airline operations in excess of 99.9%.
"Wallix helped in providing real-time resource management, reporting and monitoring capabilities for IT administrators, improving the overall efficiency of Gulf Air's IT function," explained Dr Jassim Haji, director of IT at Gulf Air.
"Privileged access management is instrumental for Gulf Air in complying with the required international and industry standards. We're currently certified against the ISO 27001 standard and maintain compliance with PCI-DSS."
Wallix said that access management plays an important role within an organisation's overall IT security strategy. Indeed, the company's head of product marketing, Chris Pace, said that ineffective access management is increasingly recognised as a security weakness that organisations must address.
"The majority of data breaches come about as result of internal access flaws, which hackers or rogue insiders can exploit. Minimising the internal threat bolsters overall security by making it almost impossible for hackers to gain a foothold," he explained.
Matthias Reinwarth, senior analyst at security analyst firm KuppingerCole, added: "Even though failing to safeguard data confidentiality risks exposing sensitive customer details, disrupting operations and reputational damage, in practice, there is rarely a life-cycle management system in place for privileged users and the danger of password leaks is considered high when internal administrators leave an organisation or the contract period of an external administrator comes to an end."
Administrators and super user accounts are extremely powerful, allowing so-called 'privileged' users to anonymously log on and gain complete control over the target system with full access to all information and infrastructure.