BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Do You Know Where Your Linux/UNIX Users Are?

Posted March 13, 2012    Peter McCalister

Or even who they are?

Sure you do, you say. You have someone responsible for managing Linux and UNIX user accounts. She manages the user store, grants user access to specific Linux/UNIX servers, and assigns specific privileges to users on those servers. When someone leaves the company, she makes sure the specific user accounts are removed. When someone assumes a new role within the company, she modifies the privileges accordingly.

Really, though – do you actually know that your Linux and UNIX users are being managed with the same rigor as your Windows users? Do you know what IT assets they have access to? Do you know for sure that there aren’t orphaned UNIX and Linux user accounts for employees that have long since moved on, that are still active? Your lead administrator for UNIX and Linux systems may be as competent as they come, but managing separate user accounts is a manual, labor-intensive process – which means it’s a process highly subject to human error.

If you deploy Active Directory in your IT infrastructure, you likely have a firm grasp of who your Windows users are and what privileges they have. You define access policies and push them out to your Windows users. You manage the users through a centralized repository. You wipe out user accounts the day its owners leave the company. Point and click; done.

So, don’t you find it interesting that 97% of companies use Active Directory in some capacity but the vast majority don’t join their Linux and UNIX users to it, even though the technology to do so has been around for years? It’s even more surprising given the fact that the most privileged users in your organization probably have Linux and UNIX user accounts, and thus present the highest insider threat risk, through either intentional or accidental means. Your most critical assets are likely Linux and UNIX servers. These are the devices that house your most sensitive data, the servers upon which your most business-critical applications run. So why are your Linux/UNIX user accounts managed in silos, separate from the secure infrastructure of Active Directory?

You don’t have to look far to find a best-of-breed solution that combines the ease and flexibility of enabling AD as an infrastructure-wide repository for all of your users – Linux/UNIX as well as Windows – with the robustness of enterprise-class privileged user management tools for your Linux and UNIX environments. Simplified, secure, heterogeneous user management combined with powerful oversight and control over your most critical assets is a combination that brings the best gift of all to an IT professional – peace of mind.

Leave a Reply

Additional articles

pbps-customer-campaign-image

You Change Your Oil Regularly; Why Not Your Passwords?

Posted September 11, 2014    Chris Burd

There are many things in life that get changed regularly:  your car oil, toothbrush and hopefully, your bed sheets.  It’s rare that you give these things much thought – even when you forget to change them. But what if you’re forgetting something that can cost you millions of dollars if left unchanged for long periods…

Tags:
, , ,

On-Demand Webcast: The Little JPEG that Could (Hack Your Organization) with Marcus Murray

Posted September 10, 2014    Chris Burd

IT security has come a long way, but every once in a while you see something that makes you think otherwise. Every day, internal and external hackers breach and traverse “secure” environments, making you wonder just how easy it is for attackers to completely compromise your network. In a new on-demand BeyondTrust webcast, Marcus Murray,…

Tags:
, , , , ,

Retina Vulnerability Audits – September 2014 Patch Tuesday

Posted September 9, 2014    BeyondTrust Research Team

The following is a list of Retina vulnerability audits for this September 2014 Patch Tuesday: MS14-052 – Cumulative Security Update for Internet Explorer (2977629) 35141 – Microsoft Cumulative Security Update for Internet Explorer (2977629) 35142 – Microsoft Cumulative Security Update for Internet Explorer (2977629) – IE8/2003 35143 – Microsoft Cumulative Security Update for Internet Explorer (2977629) – IE8…