Hackers increasingly are mounting targeted, purposeful attacks on company infrastructure. Reports abound of disgruntled employees who misuse their privileged access to steal sensitive company data and customer information, or cause havoc to the organizationís computer system.
Unix systems, by their nature, have the potential for catastrophic security lapses, particularly in the hands of an unhappy employee. Organizations often have many Unix and Linux servers, each functioning independently and requiring its own management of the shared root account. Not only does this result in a disconnected collection of inconsistent controls that rely heavily on error-prone manual processes, but it also means that access to the root account for each system is gained through a password often shared among IT staff.
A survey of 150 senior IT decision-makers conducted on behalf of Dellís Quest Software revealed that:
- Forty-six respondents have more than 100 privileged accounts in their organizations.
- More than half of the respondents (53 percent) have more than 10 administrators who must access any of those accounts. More than a quarter of those (27 percent) share the passwords among 10 or more administrators.
- Almost two-thirds of respondents do not have a high level of confidence that they can track administrative activity performed with shared credentials back to the individual administrator who performed them.
The Suite bundles three privileged account management solutions under a unified console designed to resolve the management and security shortcomings inherent in Unix:
- Authentication Services is Dellís AD bridge solution, which extends the security and compliance of Active Directory to Unix and Linux ─ along with Mac and many enterprise applications ─ and shares a powerful management interface and tight integration with both Quest One Privilege Manager for Unix and Quest One Privilege Manager for Sudo.
- Quest One Privilege Manager for Unix is a replacement for sudo that provides fine-grained, policy-based control to protect the full power of root access from potential misuse or abuse, and helps define and enforce security policies stipulating who has access to which root function, as well as when and where individuals can perform those functions.
- Quest One Privilege Manager for Sudo takes privileged account management using sudo to the next level, eliminating inefficient and inconsistent box-by-box management. Dellís plug-ins can enhance sudo 1.8.1 (and newer) with a central policy server, centralized management of sudo and the sudoersí policy file, and centralized reporting on sudoers access rights and activities, as well as keystroke logging of activities performed through sudo.
Quest One Privileged Access Suite for Unix is available immediately, with pricing starting at $524USD per server.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.