 |
|
|
| INFORMATION |
| Published : |
Jul 08, 2008 |
| Length : |
16 |
| Type : |
White Paper |
|
| |
|
|
| Overview : |
|
This white paper analyzes common vulnerabilities in protecting server resources and suggests a solution based on Server Access Management and Auditing. Working together, server access management and auditing can improve regulatory compliance and data privacy, provide greater IT accountability, partition access to superuser and root accounts, assign more granular responsibilities to individual IT people, monitor activities, and correlate actions across multiple systems. |
|
 |
|
| |
| View All Items By This Company |
| Browse Related Categories : |
Auditing, Compliance, Security |
|
|
|
|
|
Three key customer needs are driving interest in server access management:
1. Providing privileged access to increasing numbers of users that will help sustain
and grow the business.
2. Limiting the risk involved in granting additional access to critical IT resources.
3. Satisfying the growing number of compliance and data privacy regulations.
Protecting server resources from both internal and external access abuse and attacks must be a critical aspect of an enterprise’s overall security posture. The incessant barrage of threats and attacks on enterprise security continues to challenge IT and enterprises. A French banking fraud example clearly underscores this need. In a recent internal security breach, a financial and lending institution that served French customers for over 100 years disclosed that a junior trader’s unauthorized activities cost the bank roughly $7 billion. The trader used privileged account access from his previous position in the bank’s IT group and colleagues’ passwords to make unauthorized and fictional trades. He also altered logs to hide his activities. The French Bank’s problems highlight common business and IT problems in securing server systems such as:
* Inadequate access control policies, procedures and audit logging
* Shared administrative responsibilities
* No separation of duties
* Abuse of privileged accounts
METHODOLOGY
The premises and opinions of this white paper are based on historical and current research. Over the last 10 years, IDC customer and vendor surveys show that IT and senior management are becoming increasingly concerned about internal security, especially among highly privileged administrators.
IN THIS WHITEPAPER
This white paper analyzes common vulnerabilities in protecting server resources and suggests a solution based on two key elements:
* Server Access Management
* Auditing
Working together, server access management and auditing can improve regulatory compliance and data privacy, provide greater IT accountability, partition access to superuser and root accounts, assign more granular responsibilities to individual IT people, monitor activities, and correlate actions across multiple systems.
|
|
|
|
 |
|
