Business Solutions

Business Solutions

Technology Spotlight

Our patented Digital Vault provides premier security.
Learn More

Unix / Linux Security

The Challenge

In many organizations, IT administrators, application developers, database administrators and others are known to have permanent, continuous yet anonymous superuser privileges. As a result, too many people have the potential to be exposed to and access business critical systems and data that are not part of their day-to-day role or responsibilities.

The biggest challenge organizations face today with regards to their superusers is both knowing and controlling who is accessing their business-critical systems and information, when and why they are accessing them and what actions they take. Without insight into this information, organizations risk:

  • Non compliance with regulation standards - Regulatory standards such as Payment Card Industry Data Security (PCI), Sarbanes-Oxley Act and the numerous others around the world are demanding tighter control and tracking of superusers.
  • Operational complexities - Multiple superusers without command-specific privileges may lead to increased human errors that reduce the reliability, availability or performance of mission-critical systems.
  • A tradeoff between security, business and operational needs - The inability to scale well in the large enterprise with many UNIX servers to manage and configure, makes today's most commonly used SUDO solution operationally challenging for many organizations. Furthermore, the SUDO solution lacks a reporting mechanism for managers and auditors and overall provides a less secure solution than required as files and audit logs are stored locally, thus exposing them to human tampering by those same users who have root permissions.

The Solution

Cyber-Ark's On-Demand Privileges Manager is the first unified, policy driven product that empowers IT and enables 360° visibility and control of your superusers and privileged accounts across your enterprise.

  • Eliminate Insider Threats: granular access control - Protect your most sensitive IT assets by granting superusers only the permissions to specific commands they are entitled to run thus reducing the risk of exposure to abuse or error.
  • Approach Compliance with Confidence: personalized auditing and recording - Being able to link a root account and activity with a personal username is a central requirement in auditing. That's why with On-Demand Privileges Manager every user is accountable for his/her actions. Moreover, privileged session text recording ensures that all commands and their output are recorded and securely stored in Cyber-Ark's Digital Vault.
  • Do Business Better: one-stop-shop for Privileged Account Management and Privileged User Management – Improve IT and auditor's efficiency with a pre-integrated solution that enables centralized management and reporting both for who can access privileged accounts as well as which command-specific actions they can run. These two products go hand-in-hand to create a powerful solution that allow you to manage and control root passwords on the one hand and enable command level auditing and recording on the other.

Benefits

  • Minimize data breaches and outages associated with uncontrolled access to the superuser account.
  • Comply with regulation by proving to auditors that you secure, manage and control superuser privileges.
  • Easily pinpoint critical business system failures with advanced monitoring and reporting tools.
  • Replace siloed SUDO solutions with an enterprise ready and scalable product that has unparalleled security, centralized easy management and enhanced audit capabilities.
  • Reduce total cost of ownership with an integrated solution that eliminates the need for two separate products for Privileged Account and Privileged User Management.

Links

 

Created by PixelMEDIA, Inc.