SSH Management has been in the press a lot the last 2 years.
Sponsored reports from analysts have focused on poor key and SSH management practices, a highly speculative assertion that Edward Snowden somehow used keys to gain access to systems (which he denies), and now the US NIST has published a document that, among other things, puts a focus on ‘automated authentication’ used for application-to-application (app2app) or system-to-system/computer-to-computer (c2c) communications.
NIST now recommends that the same level of focus and account management that has been recommended for year for interactive (people) accounts be placed on these automated accounts. Continue reading
Unix & Linux Control
Controlling what someone can do once they have accessed a Unix or Linux server within your environment is a goal for every systems administrator and security analyst to set their sights on.
System admins have a purpose to allowing other users of the system only limited access; users mess things up, and that know that. It could be anything from a noob (or novice administrator) who oversteps their knowledge, or it could be an application developer running a script with root privileges that does something like ‘rm -rf */*’. No sys admin wants to have to explain how that happened, or clean up the mess. Continue reading
Identity Access Management (IAM)
I just read a recent article about IAM (Identity Access Management) projects, and the level of complication that can ensue when trying to plan and implement a project of the scale and scope that a comprehensive IAM project entails.
The theme of the article is that AD (Active Directory), in many enterprises, is the identity store of choice; the idea being that if you could align your enterprise to use a single account, there is an economy of scale, reducing the number of places where access and permissions would need to be managed. Continue reading
Network and Data Security Breaches Are Rising Exponentially
IIn today’s environment of massive data security breaches organizations more than ever need to deploy a defense in depth.
Firewalls no longer are enough to keep hackers out and prevent breaches. Threats can emanate from all directions, and often the first foothold an attacker can get is on a common desktop or laptop of an unsuspecting person who opens an e-mail attachment or visits a malicious website. Defending these systems is hard, but must be attempted. However, in the face of much evidence these systems will remain vulnerable and continue to be the source of many breaches. It is what happens next that must be considered and prepared for.
After the initial successful breach, the goal of an attacker will be to widen their foothold in an organization until they have compromised the valued data, or have control over the valued systems. Attackers spread themselves through additional systems through lateral attacks, jumping from one machine to the next until they can reach their goal. Each step is an opportunity to prevent or detect the attack, or prevent or detect the next attack.
For these reasons layers of security are required to find and prevent each link in the chain of attack. Continue reading
Thank you for joining us for the first installment of our 3-part webinar series on SSH. Below are your questions answered.
Re: key management. If keys and logging is configured correctly, ssh/pka is multi-factor authentication which is invariably “better” than single factor authentication. It sounds like foxit’s stance is pointed more towards single factor auth to privileged accounts. Is that accurate and, if so, how is that justified?
FoxT absolutely does not recommend passwords, or another single-factor authentication, as the preferred method of authentication. A key aspect that we were attempting to draw out is that in locally configured and controlled SSH deployments, and with many products that offer SSH access control, the decisions on how SSH is controlled are globally applied. FoxT believes, and the BoKS ServerControl product provides, a much more granular solution to SSH access control than what was discussed in the initial presentation, which was intended to draw out the deficiencies in many SSH implementations. Continue reading
LinuxCon is the place to learn from the best and the brightest, delivering content from the leading maintainers, developers and project leads in the Linux community and from around the world. There’s simply no other event in North America where developers, sys admins, architects and all types and levels of technical talent gather together under one roof for education, collaboration and problem-solving to further the Linux platform.
The Federal Deposit Insurance Corp. (FDIC), responsible for insuring bank deposits, has been identified as failing to implement; controls to authenticate its system users’ identities, and other security programs by the Government Accountability Office (GAO).
Network Security weaknesses were identified during audits conducted by the GAO. Other flaws included restriction of access to sensitive systems and data, the encryption of sensitive data, the monitoring of system access, and conducting background investigations on its employees. Continue reading
June 19th, 2014
In today’s highly regulatory environment it is essential that you have a clear understanding of risk across the enterprise. A risk management framework can bring visibility to key business and compliance risks and enable a company to make decisions on where to prioritize its limited resources. It is through a risk management framework that real value to the business can be achieved.
April 14-17, 2014
San Francisco, CA
The 2014 Red Hat Summit (open source technology) is meant for anyone looking to exponentially increase their understanding of open source technology and identify powerful solutions for their business needs. From community enthusiasts and system administrators to enterprise architects and CxOs, we have sessions and tracks for each level of interest and need.
Mountain View, CA – July 1, 2013 – Fox Technologies, Incorporated, (FoxT), a leading provider of unified Access Management and Governance solutions, today announced the expansion of platform coverage for FoxT ServerControl version 6.7 to include the ability to control privileged user access to HP-UX Virtual Servers. Part of FoxT’s comprehensive Access Management and Governance solution suite, FoxT ServerControl enables organizations to proactively enforce privileged user access policies and actions across diverse UNIX, Linux and Windows servers.