Unix & Linux Control
Controlling what someone can do once they have accessed a Unix or Linux server within your environment is a goal for every systems administrator and security analyst to set their sights on.
System admins have a purpose to allowing other users of the system only limited access; users mess things up, and that know that. It could be anything from a noob (or novice administrator) who oversteps their knowledge, or it could be an application developer running a script with root privileges that does something like ‘rm -rf */*’. No sys admin wants to have to explain how that happened, or clean up the mess. Continue reading
Network and Data Security Breaches Are Rising Exponentially
IIn today’s environment of massive data security breaches organizations more than ever need to deploy a defense in depth.
Firewalls no longer are enough to keep hackers out and prevent breaches. Threats can emanate from all directions, and often the first foothold an attacker can get is on a common desktop or laptop of an unsuspecting person who opens an e-mail attachment or visits a malicious website. Defending these systems is hard, but must be attempted. However, in the face of much evidence these systems will remain vulnerable and continue to be the source of many breaches. It is what happens next that must be considered and prepared for.
After the initial successful breach, the goal of an attacker will be to widen their foothold in an organization until they have compromised the valued data, or have control over the valued systems. Attackers spread themselves through additional systems through lateral attacks, jumping from one machine to the next until they can reach their goal. Each step is an opportunity to prevent or detect the attack, or prevent or detect the next attack.
For these reasons layers of security are required to find and prevent each link in the chain of attack. Continue reading
Secure Shell (SSH) Data Security
The Ponemon Institute and Forrester have both published studies that have raised a lot of attention, and questioned the security of SSH deployments, and both focus on the implementation practices and procedures. The ugly truth is that this vital tool is often little considered in the security plans of many enterprises.
The focus of both of these studies is on SSH key management. This can certainly be a very important topic, especially with a standard/default SSH implementation: if you need to use SSH user-keys for authentication it becomes enabled for all accounts that have access to the system. Continue reading
The capacity for disruptive innovation is a well-regarded quality among technology entrepreneurs, but they are not the only ones known for constantly upsetting established protocol. Hackers and organized criminals continue to hone their capabilities and attacks, hiding their online activity in a flood of data and overwhelming or subverting organizational defenses. Regular and increasingly large disruptions will begin to tear at the integrity of the internet, creating new technical, social, and political divisions.
The Federal Deposit Insurance Corp. (FDIC), responsible for insuring bank deposits, has been identified as failing to implement; controls to authenticate its system users’ identities, and other security programs by the Government Accountability Office (GAO).
Network Security weaknesses were identified during audits conducted by the GAO. Other flaws included restriction of access to sensitive systems and data, the encryption of sensitive data, the monitoring of system access, and conducting background investigations on its employees. Continue reading
Parallax Capital Partners, LLC Investment will accelerate innovation and R&D for access management and governance software leader
Mountain View, CA — June 10, 2013 — Fox Technologies Inc. (FoxT), the industry leader in access management and governance software, today announced it has been acquired by southern California-based Parallax Capital Partners, LLC a private equity firm focused on companies with proven products and an established customer bases. The terms of the transaction were not exposed.
Granular file-level access control for Windows and Unix, Kerberos-enabled SSH, and SSH user key management extend the scope of FoxT’s privileged access management solution
Mountain View, CA – February 25, 2013 – Fox Technologies, Inc., a leading global provider of access management solutions, today announced the release of FoxT ServerControl (Server Security) version 6.7. Part of FoxT’s comprehensive Access Management solution suite, FoxT ServerControl enables organizations to proactively enforce privileged user access policies and actions across diverse Unix, Linux and Windows servers.