The forum “Quest&One Identity User & Partner” was held on November 9, 2023., in a pleasant atmosphere at the club “Joy Station”, Studentski grad. Organized by Quest Software and Escom Bulgaria, in partnership with IDVKM and New Horizons Bulgaria, the event provided valuable insight into the ever-evolving landscape of cyber and digital security.
The event brought together industry experts, business leaders, and professionals to discuss the latest trends, challenges, and solutions in cybersecurity.
From Quest, on-site in Sofia, attended:
Agenda Highlights
The varied program included keynote talks, information, demonstration sessions, and networking opportunities.
The event was opened by the Managing Director of Escom Bulgaria – Mr. Alexander Zhekov, and Mr. Ivan Pepelov, CEO of IDVKM, who outlined the main topics of the forum: cybersecurity, overall management of IT infrastructure in organizations, technological innovations in Quest and One Identity solutions, current regulatory requirements.
Bartlomiej Jakub Niewiadomski, Channel Sales Manager, CEE at Quest & One Identity presented the entire portfolio of Microsoft Platform Management solutions. One of the key benefits of Quest’s migration tools is their ability to automate and streamline the planning, consolidation, and migration processes while reducing the associated risks of data loss. Compatible with a wide range of platforms and technologies including Active Directory, Exchange, SharePoint, Office 365, and more. They support a variety of migration and management scenarios across on-premises, cloud, and hybrid Microsoft platforms. Collectively, these tools help organizations optimize their IT infrastructure, increase productivity, and accelerate their digital transformation initiatives.
Can your IT cope without Quest?
During the presentation “Can your IT cope without Quest?”, Marcin Michalewicz, Solutions Engineer, CEE, Quest, examines the importance of protecting the Active Directory (AD) and the limitations of traditional approaches to security, including:
- Lack of visibility into the overall Active Directory (AD) environment, making it difficult to identify potential vulnerabilities and attack paths.
- The labor-intensive and human-error-prone manual process of managing Active Directory (AD) security, can delay detection and response to security incidents.
- Traditional approaches focused on immediate response when a security incident occurred, rather than proactive identification and remediation of vulnerabilities.
- The lack of access to intelligence information that creates leads to limited threat information.
- Underestimating the risks associated with different attack paths, which creates gaps in security measures;
Marcin Michalewicz stressed the need to adopt a more sophisticated and proactive approach to Active Directory (AD) security, including identifying and mapping attack paths, to reduce vulnerabilities and prevent unauthorized access to critical assets.
Quest offers a comprehensive and continuous cyber resilience lifecycle for Active Directory (AD) and Office 365 that provides defense-in-depth, following the NIST Cybersecurity Framework:
- Identify.
- Protection.
- Detection.
- Response.
- Recovery.
Cybersecurity challenges and compliance with the Directive NIS 2
The agenda continued with the presentation and demonstration panels of Mr. Ivan Pepelov, CEO of IDVKM, and Mr. Valentin Hristov, Head of Identity Management at IDVKM.
Mr. Pepelow discussed One Identity’s concept of the Unified Identity Security Platform (UISP) as a unique integrated approach to identity security where organizations can gain 360-degree visibility and adaptive flexibility to ever-changing threats and IT environments. One Identity’s Unified Identity Security Platform (UISP) is an important step in achieving an adaptive Zero-Trust strategy, and integrates best-in-class capabilities to:
- Identity Governance and Administration;
- Access Management;
- Privileged Access Management;
- Active Directory Management.
To achieve compliance with the NIS 2 Directive, One Identity’s Unified Identity Security Platform (UISP) offers organizations:
- Implementation of risk analysis and security policies for information systems, using OneLogin's SmartHooks and/or SmartMFA and One Identity's Identity Manager;
- Incident handling with Security events by OneLogin;
- Business continuity, such as backup and disaster recovery management, and incident management, by instantly removing entitlements with OneLogin;
- supply chain security, including security-related aspects relating to the relationship between each entity and its direct suppliers of goods and services, by modeling employee type, roles, and access workflows in One Identity's Identity Manager;
- Introduction of basic cyber hygiene practices and cyber security training through SoD and Recertification, Roles and Rights Management in Identity Manager of One Identity;
- Implementation of policies and procedures to assess the effectiveness of cybersecurity risk management measures, using the Policy Engine and Risk Engine in Identity Manager, Smart MFA/SmartHooks of OneLogin;
- policies and procedures in place regarding the use of cryptography and, where appropriate, encryption;
- HR security, access control policies, and asset management - OneLogin SmartMFA/SmartHooks;
- Implementation of multi-factor authentication or continuous authentication solutions, secure voice, video, and text communications, and secure emergency communication systems within the structure, where appropriate, via OneLogin's SmartMFA/SmartHooks;
In the second part of his presentation panel, Mr. Pepelov talked about the main features of OneLogin’s Access Management solution; The solution supports multiple protocols, including SAML, OpenID Connect, and OAuth2, which facilitates integration with various applications and provides single sign-on (SSO) authentication; In addition, IT security teams can more effectively monitor and control access by providing real-time visibility of user activity and access rights; In a live demonstration, Mr. Pepelov presented a workflow on user authentication, authorization, and access control;
A Modern Approach to Identity Governance and Administration with Identity Manager
Mr. Valentin Hristov, Head of Identity Management at IDVKM, highlighted the risks organizations face in terms of identity breaches, data integrity and abuse of privileges; It also explores the key components of the Identity Governance and Administration (IGA) solution:
- Identity Lifecycle Management - involves managing the entire lifecycle of user identities within an organization;
- Entitlements Management - focuses on managing and controlling the specific access rights and privileges granted to users;
- Policy and Role Management - includes the definition and management of policies and roles in the organization;
- Workflow - enables automation and streamlining of identity management processes;
- Access Request and Certification - allows users to request access to resources or privileges, which are then reviewed and approved based on defined rules and workflows; Certification includes periodic reviews of user access rights to ensure they are still valid and appropriate;
- Fulfillment and Provisioning - deals with the provisioning of user accounts and access rights across systems and applications, ensuring that users have the necessary access to perform their job functions;
- Auditing and Reporting - provides visibility into user activities, access rights, and compliance status, generating comprehensive reports for auditing and management decision-making;
Effective implementation of these key components enables organizations to properly manage and administer user identity, control access, and achieve compliance with regulatory requirements; A live demonstration of the JML processes followed, concluding the panel;
Privileged Access Management (PAM): who guards the guards?
In his presentation panel: “One Identity Privileged Access Management for compliance and regulations.“, Mr. Alexander Zhekov, Manager of Escom Bulgaria, presented the solution for Privileged Access Management at One Identity by Quest; It can be interpreted as an information security and cybersecurity practice focused on the management and control of privileged accounts and their access to critical systems and data within an organization;
Many organizations face several challenges in managing privileged access daily, including:
- Too many administrators;
- Shared passwords for root accounts;
- Continuous escalation of privileges;
- Lack of centralised access policies;
- Lack of visibility into access rights;
- Inability to comply with the “least privilege.”
One Identity’s PAM includes a range of features for:
- detection of privileged accounts;
- password management;
- sessions monitoring;
- access request and approval workflows;
- recording of privileged sessions;
- ensuring compliance with current regulatory requirements including ISO 27001, SOX, PCI-DSS, HIPAA, and NIS-2;
Mr. Zhekov emphasized the basic principles and best practices of privileged access management and gave a demonstration of the solution:
- Identify users with privileged access - determine and identify users who have privileged access to critical systems and sensitive data; One Identity's PAM solution, identifies high-risk privileged users, suspicious behavior, and other anomalies to quickly detect internal and external threats and take immediate action to prevent breaches.
- Set access rights on a case-by-case basis - access rights to be granted on a need-to-know basis, and reviewed regularly to ensure that users only have access to the resources they need for their specific roles.
- Establish a robust authorization process, including multi-factor authentication, strong passwords, and secure protocols to verify users' identities before granting them access;
- Conduct periodic audits - conduct regular audits to monitor and track privileged access, detect any unauthorized activities, and ensure compliance with security policies and regulations; One Identity's PAM solution ensures that your organization meets auditor requirements with indexed recorded sessions, making it easy to find events and helping to simplify and automate reporting;
The capabilities that One Identity’s PAM solution offers to achieve compliance with NIS-2 requirements were also outlined:
- Access control;
- Zero Trust Principles;
- Cyber security hygiene and employee training;
- Enforcing regulations to limit or prevent ransomware attacks;
- Password management;
- Privileged Access Management;
- Reporting options;
- Third-party access control;
- Control of ICT;
- Risk assessment and information systems security policy.
The European Information Security Directive NIS-2 aims to address the differences in cybersecurity requirements and implementation of cybersecurity measures across EU Members. The NIS-2 Directive comes into force on 17 October 2024 and will apply to any organization with more than 50 employees and an annual turnover exceeding €10 million, as well as to any organization that was previously included in the original NIS Directive; The list of sectors and activities to be affected is also being updated; Key measures to protect organizations’ network and information systems from incidents include, as a minimum:
- Implementation of risk analysis and information system security policies;
- Incident handling.
- Ensure business continuity by managing backup disaster recovery and crisis management.
- Supply chain security, including security aspects relating to the relationship between each entity and its direct suppliers or service providers;
- Security in the acquisition, development, and maintenance of network and information systems, including vulnerability handling and disclosure;
- The introduction of policies and procedures to assess the effectiveness of cyber security risk management measures;
- The introduction of basic cyber hygiene practices and cyber security training.
- The implementation of policies and procedures regarding the use of cryptography and, where appropriate, encryption;
- Ensure human resources, access control, and asset management policies.
- The implementation of multi-factor authentication or continuous authentication solutions, secure voice, video, and text communications, and secure emergency communication systems within the entity, where appropriate;
Financial sanctions are also expected to be imposed in case of non-compliance with the minimum measures set;
The final topic of the event “Human Layer Security and How to prepare your cybersecurity team to keep your hybrid infrastructure secure” was presented by Mr. Nikolay Penev, Managing Director of New Horizons Bulgaria, and Mr. Lyubomir Tulev, Senior Security Trainer at the company.
Mr. Tulev focused on human layer security and shared his experience on how to prepare our cybersecurity team to ensure the security of our hybrid infrastructure.
Mr. Penev presented the training portfolio of New Horizons Bulgaria; As a trusted partner of many of the leading companies in the industry, New Horizons Bulgaria conducts authorized training for Microsoft, CompTIA, IBM, Information Security, Cisco, VMware, ITIL, PMP, SPM, Business Analysis, etc. Awarded with several prestigious awards locally and globally, New Horizons Bulgaria offers a whole range of certification training for Cyber Security teams, as well as several other courses in various areas including:
- Business Productivity
- Cloud
- Programming
- Cybersecurity
- Data & Business Intelligence
- Database Management
- Blockchain
- IT Infrastructure
- Leadership & Professional Development
- Program, Project, & Process Improvement.
Organizers
Quest Software has been delivering enterprise software solutions for more than 30 years, with offices in more than 100 countries and a customer base that includes more than 95% of Fortune 500 companies. Quest’s range of solutions and services include migration tools, security and compliance solutions, authentication process automation, user and user group management, and backup and recovery solutions;
Escom Bulgaria is a Value Added Distributor of Quest and One Identity solutions for Bulgaria. The company is B2B oriented, serving end users exclusively, through a network of qualified, expert partners, system integrators, and service providers (MSP).
IDVKM has more than 15 years of experience in Near Shore, international projects (classic and agile) with a client focus in Germany, and teams from over 10 nationalities. IDVKM offers consulting services in the areas of Identity Management, Custom Software Development, Agile/Traditional Project Management, personal skills training, as well as project management and team development.
The event finished with networking and bowling. We express our heartfelt gratitude to everyone who attended the Quest & One Identity forum for customers and partners in Sofia. Your presence and enthusiasm made this event truly exceptional; Stay tuned for more exciting updates and future events!
