Challenges
Mandatory compliance requirements and pressure to prevent information leaks are driving companies to take action to protect their sensitive electronic assets against both external and internal threats. In addition, the challenge of ensuring accountability across all levels of business operation while keeping costs down and increasing efficiency leaves little room for error. Open systems often serve as the backbone for key services and confidential data stores. Many critical applications and sensitive data, including customer information and financial data, are hosted on UNIX and, increasingly, Linux systems. UNIX and Linux systems have inherent security issues that pose a high risk to the business objectives of regulatory compliance and data protection. Each system includes overprivileged accounts that can compromise vital system resources, including sensitive files, critical services and vulnerable network ports. An inability to address segregation of duties often results in these accounts being shared without proper accountability.
Opportunity
In a large server environment, consistent enforcement of security policies across servers and platforms is essential. A single set of strong access controls that is enforceable across disparate platforms is needed to neutralize platform differences. Elevating protection in this manner reduces the cost of management and increases accountability.
Benefits
Event auditing is essential for a company's compliance reporting as well as its security information management. Of specific importance is ensuring that the true user identity is recorded regardless of the account privileges that a person might have assumed. In native UNIX and Linux systems, if a user performs a surrogate command, particularly to a shared privileged account, the traceability of user activities ends, leading to accountability gaps.
CA Access Control provides full superuser containment to greatly reduce security risks exposed by native privileged accounts. It enforces strict access control to critical system resources through centralized and automated policy management across different platforms. CA Access Control provides pluggable authentication module support, high password quality policies, stringent authorization enforcement, as well as secure auditing that preserves original user identity for all system activities. This enables companies to reduce security risks, particularly from internal unauthorized access, and fulfill compliance requirements through high-integrity auditing and reporting.