How to stop IT managers from going rogue
Research shows that nearly half of all data breaches come from inside an organization, sometimes by those trusted to protect sensitive corporate or customer data, which is why industry watchers say enterprise IT departments need to invest in technology that ensures no one person has all the power.
"The problem with large organizations is that IT people often have access to production and other sensitive passwords. Often they can simply log in as administrator and it can be difficult to monitor who actually made what change and when," says Andras Cser, senior analyst with Forrester Research. "There are a lot of http://www.networkworld.com/news/2008/071608-insider-threat.html ">insider threats today and many organizations have access policies that violate best practices."
Companies like e-DMZ, Cyber-Ark, Cloakware, Lieberman Software and BeyondTrust attempt to address that need. Symark acquired BeyondTrust and took on its name in September. The combined company focuses on technology to manage administrator access to Unix and Windows systems. This week BeyondTrust released an updated version of its IT administrator password management software. PowerKeeper 4.0 falls in the category of privileged account management software, Cser says, adding that preventing disgruntled IT managers from wreaking havoc is one reason to purchase such a product, another is to keep compliant with regulatory standards.
"This is a good product for managing password vaults and performing fine-grained privileged access management for Unix systems, and now Windows systems," Cser says.
PowerKeeper 4.0 is an appliance, available in physical or virtual form factors, that installs in a customer environment inside the firewall with access to the systems it will manage within the data center. The appliance uses automated password resets and management workflows to ensure that privileged accounts cannot be accessed in inappropriate ways. This version works with intelligent adapters to any operating system, database or device using SSH and Telnet, communicating with the devices and providing coverage for all systems in heterogeneous environments, the company says.
"The administrator that sets the policies can't also be the person in charge of monitoring access in our system," says Saurabh Bhatnagar, vice president of product management for BeyondTrust. "It complies with security and compliance regulations that require a segregation of duties and deals with regulating access to shared accounts so everyone isn't logging in as the same admin."
PowerKeeper is part of the company's suite of privileged access lifecycle management products that addresses access, control, monitoring and remediation capabilities when managing passwords and access to IT environments. This version also automatically discovers and brings under management computers found in Active Directory, which the company says helps provide more coverage more efficiently by using automation.
"Security, compliance and management efficiencies are the three main drivers for customers," Bhatnagar adds, saying that typically security managers or chief compliance officers would be the target customer.
PowerKeeper 4.0 is now available as part of BeyondTrust's PowerSeries Early Adopter Program. The PowerKeeper appliance or virtual machine costs $25,000, which includes enough licenses to manage 100 systems and an unlimited number of users.
Do you Tweet? Follow Denise Dubie on Twitter