Containment of Privileged and Root Accounts: Practical Challenges and Considerations

system security, access management, identity access management, foxtConsidering all of the work that needs to be done using privileged permissions, most organizations find that controlling delegation of privileged and root accounts can quickly become difficult to manage and monitor. Furthermore, granted permissions are rarely reviewed or revoked, which means that users unintentionally accumulate more and more privileges over time as their job functions change and new access rights are granted.
Continue reading

Linux.com Article: As Public Cloud OS Instances Grow, So Do Security Admin Challenges

As companies move or extend IT from private to public clouds, and from virtual machines (VMs) to system images, they often use a number of different operating system versions. They run different Linux distributions, different distro releases, and perhaps also non-*nix OSes, along with multiple templates, and the total number of instances can grow.

Some cloud vendors tout that systems deployed within their framework require little or no administration: You create an image with the software and applications that you want it to provide services for, spin it up in a management console, and Voila! you have an entirely new system online; with minimal cost, no hassle, little work. However, even with newer models for virtualization appearing on the horizon, this is not exactly how things are actually used today, according to David Dingwall, architect and business development manager at Fox Technologies.
Continue reading

Mitigating Risk to Server Environments Through Authentication Strategies

Are you a security admin evaluating risk in your organization? Where do you look first? I think the number one risk to a server environment are the people who touch computers every day. But since we can’t take away people’s computers (even though we would like to!), our challenge as security admins is to put controls in place that mitigate the risk caused by user actions.

Continue reading

Linux.com Article: Managing IT Access Privileges — Not As Solved As Management Thinks

Secure, private, effective use of computers by a company (including hosted, cloud and other services as well as the company’s own systems) relies on managing access privileges.

The problem isn’t unique to computers. Office buildings, hotels, apartments and college dorms, for example, typically have “master keys” (or smart ID badges) that can open many-to-all of the locks in the facility, for security and other staff, while regular staff’s keys or badges only work on specified rooms and entryways.
Continue reading

Sudo or SuDon’t: Are you managing privileged command execution?

Managing privilege in the enterprise server infrastructure can be a real challenge. For starters, Linux™ and Unix™ system administrators will need root level authority at times to do their jobs. Systems operations staff such as DBAs will also need periodic database and application account authority. And last, security administrators will need to protect the environment. Adding to the challenge, the security administrator role does not even exist in many organizations that have grown their infrastructure quickly.

Continue reading

The Recent OPM Systems Breach: Security Needs to be a Priority

system security, access management, identity access management, foxtIt seems that not a month goes by without a new report of a massive breach that has compromised millions of records.

The recent breach of US OPM systems is just another example, it seems, of the poor governance and practices that are endemic to too many enterprises. Administrators credentials, with the privilege to do anything on a computer system, and the ability to view (or even manipulate) any of the stored data, seem to have been the cause.

Continue reading