BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Reasons Why You Should Give a DAM: Part 1

Posted June 21, 2011    Peter McCalister

The lack of control of privileged database credentials continues to expose corporations to significant risk associated with insecurity and inaccuracy of the key data assets that drive business activities, decisions, and value. I’ve previously covered the six questions you should ask yourself if you should give a DAM, so now it’s time to look a little deeper at the implications.

Specifically, weak control of privilege credentials provides the opportunity for the insiders holding those credentials (or hackers who acquire them) to mis-use their elevated privileges to steal or fraudulently manipulate data or simply introduce inaccuracies through human error. The consequences of these unauthorized actions can be severe for businesses especially if the activity goes undetected for a prolonged period of time. Secondarily, the compliance costs associated with proving to IT audit that adequate database controls around these privileged users are in place is high.

The solutions currently available to corporations today are often times not entirely effective, and are expensive to purchase, deploy, and maintain. Custom developed solutions that leverage the database’s native security and audit features are a common approach. These solutions are expensive to design, develop, maintain and operate. Database Activity Monitoring products on the market today are another alternative. These products provide tools to implement detective and preventative controls for DBAs, however, there are three key weaknesses in these products:

The preventative capabilities are driven largely by policies involving rudimentary session attributes, access patterns, and activity thresholds. These do not provide the capability to control activity on a fine grained basis based on external context.
The monitoring capability of many of these products does not provide the level of visibility into what is happening to data assets stored within the database, nor does it provide the activity detail needed to assess impact of the activity and remediate it if necessary.
The products are expensive and complex to implement.

Leave a Reply

Additional articles

Sudo_logo

Don’t Create a Different sudoers File for Each System

Posted May 20, 2015    Randy Franklin Smith

What if you have multiple Linux and/or Unix systems? Sudo management can become onerous and unwieldy if you try to manage a different sudoers file on each system. The good news is that sudo supports multiple systems.

password-safety

What Does Microsoft Local Administrator Password Solution Really Do?

Posted May 19, 2015    Morey Haber

LAPS is a feature that allows the randomization of local administrator accounts across the domain. Although it would seem that this capability overlaps with features in BeyondTrust’s PowerBroker Password Safe (PBPS), the reality is it is more suited for simple use cases such as changing the local Windows admin account and not much more.

Tags:
, ,
webinar_ondemand

On Demand Webinar: Securing Windows Server with Security Compliance Manager

Posted May 14, 2015    BeyondTrust Software

On Demand Webinar: Security Expert Russell Smith, explains how to use Microsoft’s free Security Compliance Manager (SCM) tool to create and deploy your own security baselines, including user and computer authentication settings.

Tags:
, ,