BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

The Key to Controlling Privileged User Activity? Centralize!

Posted April 18, 2012    Peter McCalister

Those of you who follow my blogs know that sudo – and the issues it presents IT organizations – is one of my favorite discussion topics. I suppose that’s because there is no shortage of stories that surface on a regular basis on the problems that can arise with sudo, and I feel compelled to remind our blog readers that the ease of deploying sudo coupled with the speed in which it can quickly spin out of control makes for a risky combination. Just last week I talked to yet another customer who lamented the security and compliance challenges of sudo: he had just discovered that IT admins were adding privileges for their friends to sudoer files across the organization. Not that hard to do when there is a sudoer file on every server, each managed locally, independently, often by multiple administrators.

Centralization truly is a cornerstone for control. Dorothy’s blog from April 2nd introduced BeyondTrust’s latest new product, PowerBroker Servers Enterprise 7.0, and captured how PowerBroker’s centralized approach and granular privileged access control protects against intentional or accidental misuse of privilege that would otherwise allow employees, or hackers through advanced persistent threat (APT) attacks, to execute privileged commands.

In the case of sudo, local sudoer files create a plethora of opportunities for misuse of privilege. Besides the common problem of ad hoc administration of the individual files documenting user privileges, there is also the issue of local, unencrypted logs. Such logs can easily be tampered with by the local user, eliminating any evidence of damage done through privileged access – intentional or not. As Dorothy pointed out, managing privileged access on all your Linux and UNIX systems, whether physical, virtual, or deployed in the cloud, is critical to ensuring only valid users run privileged commands on your servers.

PBSE provides the means for controlling privileged access on Linux and UNIX systems through:
Centralized policy files for managing user privileges, implemented through a simple-to-use graphical interface
Active Directory integration for centralized user management
Out-of-the-box reports on all privileged activity as well as regulation-specific compliance reports

There’s no doubt about it: a centralized approach to managing privileged access is proven to significantly reduce operational complexity and costs, protect critical assets from misuse of privileged access, and demonstrate compliance.

Leave a Reply

Additional articles

PowerBroker Password Safe Password Age Report

Reshaping Privileged Password Management with Password Safe 5.2

Posted July 21, 2014    Martin Cannard

Today, we’re pleased to unveil the latest edition of our privileged password management solution, PowerBroker Password Safe. I’ll start with a brief intro of what’s new and then tell you a little about the driving factors behind Password Safe development. New features for mitigating password risk and ensuring accountability enterprise-wide Here’s the 10,000-foot overview of…

Tags:
, , ,
PowerBroker for Windows tamper protection

PowerBroker for Windows 6.6 Tamper Protection

Posted July 18, 2014    Morey Haber

I have a bone to pick: Stopping an administrator from performing an action on a system is futile endeavor. As an administrator, there is always a way to circumvent a solution’s from tampered protection. Really! By default, Windows administrators have unrestricted access to the system – and even though an application, hardened configuration, or group policy…

Tags:
, ,
PowerBroker for Windows can be configured to automatically identify the end user’s language preference

Implementing Least Privilege Around the World with PowerBroker for Windows

Posted July 17, 2014    Morey Haber

BeyondTrust recognizes that international, multilingual businesses have unique operating challenges, especially when it comes to implementing enterprise software. PowerBroker for Windows is a least-privilege solution often deployed across thousands of systems spanning multiple geographies and protecting users of diverse backgrounds. Earlier this year, PowerBroker for Windows introduces new data privacy features for EMEA and APAC,…

Tags:
, ,