BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Do You Know Where Your Linux/UNIX Users Are?

Posted March 13, 2012    Peter McCalister

Or even who they are?

Sure you do, you say. You have someone responsible for managing Linux and UNIX user accounts. She manages the user store, grants user access to specific Linux/UNIX servers, and assigns specific privileges to users on those servers. When someone leaves the company, she makes sure the specific user accounts are removed. When someone assumes a new role within the company, she modifies the privileges accordingly.

Really, though – do you actually know that your Linux and UNIX users are being managed with the same rigor as your Windows users? Do you know what IT assets they have access to? Do you know for sure that there aren’t orphaned UNIX and Linux user accounts for employees that have long since moved on, that are still active? Your lead administrator for UNIX and Linux systems may be as competent as they come, but managing separate user accounts is a manual, labor-intensive process – which means it’s a process highly subject to human error.

If you deploy Active Directory in your IT infrastructure, you likely have a firm grasp of who your Windows users are and what privileges they have. You define access policies and push them out to your Windows users. You manage the users through a centralized repository. You wipe out user accounts the day its owners leave the company. Point and click; done.

So, don’t you find it interesting that 97% of companies use Active Directory in some capacity but the vast majority don’t join their Linux and UNIX users to it, even though the technology to do so has been around for years? It’s even more surprising given the fact that the most privileged users in your organization probably have Linux and UNIX user accounts, and thus present the highest insider threat risk, through either intentional or accidental means. Your most critical assets are likely Linux and UNIX servers. These are the devices that house your most sensitive data, the servers upon which your most business-critical applications run. So why are your Linux/UNIX user accounts managed in silos, separate from the secure infrastructure of Active Directory?

You don’t have to look far to find a best-of-breed solution that combines the ease and flexibility of enabling AD as an infrastructure-wide repository for all of your users – Linux/UNIX as well as Windows – with the robustness of enterprise-class privileged user management tools for your Linux and UNIX environments. Simplified, secure, heterogeneous user management combined with powerful oversight and control over your most critical assets is a combination that brings the best gift of all to an IT professional – peace of mind.

Leave a Reply

Additional articles

flash-logo

Adobe Patches Zero-Day Flaw Being Exploited in the Wild

Posted January 22, 2015    BeyondTrust Research Team

Earlier this week, French malware researcher Kafeine reported on a new Adobe Flash zero-day vulnerability that was being exploited in the wild using the latest versions of the Angler Exploit Toolkit. “Any version of Internet Explorer or Firefox with any version of Windows will get owned if Flash up to 16.0.0.287 (included) is installed and enabled”…

Tags:
, , , , ,

Your Data Security Strategy Starts with Deploying a Least Privilege Model (part 2 of 2)

Posted January 22, 2015    Scott Lang

In last week’s blog, we talked about how controls and accountability must be put into place so that only the right folks can access data and the systems on which that data resides, and that employing a least privilege model helps to achieve that and more. We’re using conclusions and data from a recent report…

Tags:
, , , ,
Larry-Brock-CISO

Basic Blocking and Tackling for Defending Against Advanced Targeted Attacks

Posted January 22, 2015    Larry Brock

With football season at its pinnacle at both the college and professional levels, the best teams continually focus on the fundamentals that make them successful. In security, we need to do the same.  It is okay for us to have a few key plays, especially in certain industries where we have to focus on unique…

Tags:
, , , , ,