BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Rock the Cradle of Root Access Gently

Posted February 11, 2011    Peter McCalister

The hand that rocks the cradle rules the world. This is an absolute truth. Although originally referring to motherhood, there is an especially poignant application from an enterprise point of view.  As long as the hand (your IT manager with root access) handles that cradle gently (your server and the sensitive information therein), your world will remain a secure place.

It’s when the cradle rocks a little too hard that walls start crumbling. And how do you keep that cradle calm and steady? The answer lies with the hand. Having an all-powerful IT administrator is dangerous and expensive- a cost that is not worth the security of your enterprise. Want your framework to stay standing? Let’s look at a few things you can do.

  1. Adopt the four golden words of server security: lock down root access. Your IT manager should not be allowed to be “the hand.” With root access they have can look at, move, and/or manipulate everything. There is no one in your organization, under any circumstances, that should be allowed rule the world. Don’t make the mistake of thinking your IT manager would never do such a thing, or that a breach won’t happen to you. Chances are good that’s exactly what the University of Hawaii thought. If they had integrated a solution to lock down root access, 40,000 confidential student records wouldn’t have been exposed.
  2. Create and maintain a keystroke log. All actions should be transparent and a record must be kept. This way, in the event that a breach does occur, all keystrokes are documented for easy auditing and identification. This will also raise the flag on any suspected wrongdoing.
  3. Install a solution that will alert you to the use of any forbidden keywords. This will proactively keep your sensitive and mission-critical information protected while warning you about any employee or contractor who may potentially have the intention of harming your company.

Securing your sever boils down to eliminating admin rights. It’s important to give all employees access to only the information they need, which is never root access. Participate in this enterprise security best practice today. Protect your cradle from the all-powerful IT hand keep it rocking smooth and slow

Leave a Reply

Additional articles

gartner market guide image - aug 2014

Introducing the Gartner Market Guide for Privileged Account Management

Posted July 29, 2014    Chris Burd

Gartner recently released a new Market Guide for Privileged Account Management (PAM), and we’d like to share a complimentary copy with you. The report includes PAM market analysis and direction, vendor overviews, and recommendations for selecting PAM solutions for your environment. BeyondTrust is one of two representative vendors (out of 20) to address all solution…

Tags:
, , , , , , , ,
Integrating Least Privilege and Password Management to Solve Account Security Challenges

Integrating Least Privilege and Password Management to Solve Account Security Challenges

Posted July 24, 2014    Morey Haber

There is a reason all BeyondTrust Privileged Account Management (PAM) solutions share the PowerBroker name: They all inherently enable you to reduce user-based risk and can be integrated under a centralized IT risk management platform. Here’s one common use case that demonstrates how this integration changes the playing field. Consider the challenge of privileged access:…

Tags:
, , , , ,
PowerBroker Password Safe Password Age Report

Reshaping Privileged Password Management with Password Safe 5.2

Posted July 21, 2014    Martin Cannard

Today, we’re pleased to unveil the latest edition of our privileged password management solution, PowerBroker Password Safe. I’ll start with a brief intro of what’s new and then tell you a little about the driving factors behind Password Safe development. New features for mitigating password risk and ensuring accountability enterprise-wide Here’s the 10,000-foot overview of…

Tags:
, , ,