Support Login Partner Login
Search
Products Solutions Services Customer Connects Partners Company
 
Home > Solutions > Super User and Privileged Account Management
Solutions

Solutions

Super User and Privileged Account Management

Problem

Properly defining, controlling, and monitoring administrative privileges in IT systems is a real challenge for enterprises. On Unix and Linux systems this is especially difficult since "root" access typically means unrestricted access.

As well, local Windows accounts are also difficult to control and track. In fact, each Windows operating system install operates with a pre-delivered local administrator account. While this account is deactivated by default in Windows 2008, it can be easily activated by your support staff, exposing your business and customer data to duplication or attack.

A lack of proper control over root and privileged functional accounts can lead to:

  • Users being given more privileges than they need to do their job
  • Passwords for super user accounts being shared and not properly protected
  • Inadequate audit logging of privileged account operations; inability to track actions back to the physical individual
  • Failure of audits and increased risk of insider fraud

Organizations must prove that privileged operations are suitably controlled, but delegating privileges is not straightforward. Sharing sensitive privileged account passwords is a security and compliance issue, while more complex methods, such as dual controls, can hinder business processes.

FoxT Solution

To effectively and efficiently control privileged accounts, a combination of different access management capabilities is required:

  • Enforced delegation of privileges, so users only get the privileges they need (and no more) based on your pre-defined access policies (who can access what, when, from where, and using which protocols)
  • Contextual authentication so that you can flexibly define and enforce the use of stronger authentication for access to sensitive data
  • Enforced use of encrypted communication to protect privileged account passwords
  • Detailed audit logs that record privileged operations, including forensic-level keystroke logging
  • Users can perform specified privileged operations using their own password or token; the system can be configured so that privileged account passwords are never needed for day-to-day operations
  • An optional privileged account password vault checkout function to prevent password sharing

Products

FoxT ServerControl

Resources
©2010 Fox Technologies. All Right Reserved. News & Events   Site Map   Contact Us   Privacy Policy