BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Rock the Cradle of Root Access Gently

Posted February 11, 2011    Peter McCalister

The hand that rocks the cradle rules the world. This is an absolute truth. Although originally referring to motherhood, there is an especially poignant application from an enterprise point of view.  As long as the hand (your IT manager with root access) handles that cradle gently (your server and the sensitive information therein), your world will remain a secure place.

It’s when the cradle rocks a little too hard that walls start crumbling. And how do you keep that cradle calm and steady? The answer lies with the hand. Having an all-powerful IT administrator is dangerous and expensive- a cost that is not worth the security of your enterprise. Want your framework to stay standing? Let’s look at a few things you can do.

  1. Adopt the four golden words of server security: lock down root access. Your IT manager should not be allowed to be “the hand.” With root access they have can look at, move, and/or manipulate everything. There is no one in your organization, under any circumstances, that should be allowed rule the world. Don’t make the mistake of thinking your IT manager would never do such a thing, or that a breach won’t happen to you. Chances are good that’s exactly what the University of Hawaii thought. If they had integrated a solution to lock down root access, 40,000 confidential student records wouldn’t have been exposed.
  2. Create and maintain a keystroke log. All actions should be transparent and a record must be kept. This way, in the event that a breach does occur, all keystrokes are documented for easy auditing and identification. This will also raise the flag on any suspected wrongdoing.
  3. Install a solution that will alert you to the use of any forbidden keywords. This will proactively keep your sensitive and mission-critical information protected while warning you about any employee or contractor who may potentially have the intention of harming your company.

Securing your sever boils down to eliminating admin rights. It’s important to give all employees access to only the information they need, which is never root access. Participate in this enterprise security best practice today. Protect your cradle from the all-powerful IT hand keep it rocking smooth and slow

Leave a Reply

Additional articles

CyberResiliency

6 things I like about Gartner’s Cyber Resiliency Strategy

Posted August 27, 2015    Nigel Hedges

There were 6 key principles, or recommendations, that Gartner suggested were important drivers towards a great cyber resiliency posture. I commented more than once during the conference that many of these things were not new. They are all important recommendations that are best when placed together and given to senior management and the board – a critical element of organisations that desperately need to “get it”.

Tags:
,
powerbroker-difference-1

Why Customers Choose PowerBroker: Flexible Deployment Options

Posted August 26, 2015    Scott Lang

BeyondTrust commissioned a study of our customer base in early 2015 to determine how we are different from other alternatives in the market. What we learned was that there were six key differentiators that separate BeyondTrust from other solution providers in the market. We call it the PowerBroker difference,

Tags:
, ,
Mac-Security-Enterprise

On Demand Webinar: Security Risk of Mac OS X in the Enterprise

Posted August 20, 2015    BeyondTrust Software

In the last several years, Mac administrators have come to realize that they may be just as vulnerable to exploits and malware as most other operating systems. New malware and adware is released all the time, and there have been serious vulnerabilities patched by Apple in the past several years, some of which may afford attackers full control of your systems.

Tags:
, ,