Tag Archives: server security

Privileged Access & Control Software for Unix & Linux Systems

Unix & Linux Control

Controlling what someone can do once they have accessed a Unix or Linux server within your environment is a goal for every systems administrator and security analyst to set their sights on.

System admins have a reason for allowing other users of the system only limited access: users mess things up, and admins know that. It could be a noob (or novice administrator) who oversteps their knowledge, or it could be an application developer running a script with root privileges that does something like ‘rm -rf */*’. No sys admin wants to have to explain how that happened, or clean up the mess.

Linux.com Article: As Public Cloud OS Instances Grow, So Do Security Admin Challenges

As companies move or extend IT from private to public clouds, and from virtual machines (VMs) to system images, they often use a number of different operating system versions. They run different Linux distributions, different distro releases, and perhaps also non-*nix OSes, along with multiple templates, and the total number of instances can grow.

Some cloud vendors tout that systems deployed within their framework require little or no administration: You create an image with the software and applications that you want it to provide services for, spin it up in a management console, and Voila! you have an entirely new system online; with minimal cost, no hassle, little work. However, even with newer models for virtualization appearing on the horizon, this is not exactly how things are actually used today, according to David Dingwall, architect and business development manager at Fox Technologies.

Linux.com Article: Managing IT Access Privileges — Not As Solved As Management Thinks

Secure, private, effective use of computers by a company (including hosted, cloud and other services as well as the company’s own systems) relies on managing access privileges.

The problem isn’t unique to computers. Office buildings, hotels, apartments and college dorms, for example, typically have “master keys” (or smart ID badges) that can open many-to-all of the locks in the facility, for security and other staff, while regular staff’s keys or badges only work on specified rooms and entryways.

SSH Webinar: Control Your SSH..IT

Thank you for watching the second webinar installment: “Control Your SSH..IT”

We hope that you found the presentation educational, and look forward to your feedback and questions.

View Session 1: The SSH..IT Storm
View Session 2: Oh SSH..IT, Now What?!

You may also be interested in: Taming the Beast – SSH for Security and Compliance

FoxT Access Management & Governance solutions complement your existing technologies by adding granular control and enforcement of authentication and authorization policies for both privileged and end users. www.foxt.com/boks

SSH Webinar: Oh SSH..IT, Now What!

Thank you for watching the second webinar installment: “Oh SSH..IT, Now What?”

We hope that you found the presentation educational, and look forward to your attendance and participation next week.

Webinar Reminder:
Control Your SSH..IT
Thursday October 16th, 2014 | 10am PDT/1pm EDT

  • The “what” of SSH; what SSH services an account is allowed to use, and what they can do once granted access
  • Adding privilege management as an incorporated control measure


Enterprise System Security Training

Security training is one of the easiest, and hardest, things for an enterprise to do.

First, it takes budget, and these days budget for something ‘soft’ like this can be hard to come by in any organization. Second, it can be hard to measure any return on the investment. This is a problem with security in general, but with an exercise like training, an activity like testing the training can be difficult, and it can add to the overall cost. Third, no matter how much training we give people, it always seems like it doesn’t stick, especially with something like security, where we are often asking people to replace what may be perceived as an efficient or simple method of doing something with a more secure practice that could be perceived as a burden.

And, after training, managers may have an expectation that the problem is solved, when really it may not be. This leads to the first bit of advice:

Expectation does not replace inspection.

If we do not test for compliance, we cannot truly know if we are compliant.

This is a great lesson for managing internal systems. Systems buried deep in our networks, providing critical operations and accessed only by the trusted staff of administrators at an enterprise are often assumed to be secure. The fact is, they are not inherently secure, but need to be secured. What these servers need to be protected against is the possibility of a compromised account, a user or administrator who exceeds his authority, or a disgruntled user who deliberately abuses their privilege to access a system.

In the case of deliberate abuse, well, it is really very hard to stop. After all, someone has to have access to provide for the administration of our servers. And, we expect them to behave professionally and in the best interest of the enterprise.

And, there we go again, expecting something.

For Linux and Unix servers providing critical services it is not enough to expect the best. The use of a privilege management tool that can record the privileged activity is essential, and provides the ability to inspect as well.

There is a growing trend in enterprises of recognizing that administrative access to servers needs to be managed, protected and recorded. BoKS ServerControl provides the ability to manage the who, how and what of Linux and Unix access, combining account management, access control and privilege enforcement and monitoring.

You may also be interested in: Best Practices for Unix/Linux Privileged Identity and Access Management


Granular Enforcement of Access to File Systems Featured in Latest Release of FoxT ServerControl

Granular file-level access control for Windows and Unix, Kerberos-enabled SSH, and SSH user key management extend the scope of FoxT’s privileged access management solution

Mountain View, CA – February 25, 2013 – Fox Technologies, Inc., a leading global provider of access management solutions, today announced the release of FoxT ServerControl (Server Security) version 6.7. Part of FoxT’s comprehensive Access Management solution suite, FoxT ServerControl enables organizations to proactively enforce privileged user access policies and actions across diverse Unix, Linux and Windows servers.
