Security Management Strategies for the CIOAccess "Privileged account management critical to data security"
This article is part of the July/August 2009 issue of Why privileged account management is critical to today's data security
In the wrong hands, privileged accounts represent the biggest threat to enterprises because these accounts can breach personal data, complete unauthorized transactions, cause denial-of-service attacks, and hide activity by deleting audit data. Privileged accounts, such as the UNIX root, Windows Administrator accounts or accounts associated with database ownership and router access, are required for platforms to function. Moreover, they are required for "break the glass" emergency access scenarios as well as more mundane day-to-day tasks. While important, they are notoriously difficult to secure because they don't belong to real users and are usually shared by many administrators Yet a down economy increases the risk of disgruntled workers, making it more important than ever to have a system in place to control privileged access. What's more, control of privileged accounts is at the top of the auditor's findings list, and is an essential component of compliance mandates associated with Sarbanes-Oxley, the Payment Card Industry Data Security Standard (PCI DSS)... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
ISP shutdown latest cat-and-mouse game with hackers
While the 3FN.Net shutdown had limited impact on cybercriminals, it signaled that the private sector and the government are serious about illegal activity.
-
DNSSEC deployments gain momentum since Kaminsky DNS bug
DNSSEC brings PKI to the Domain Name System and prevents dangerous cache poisoning attacks. Implementation difficulties and political battles, however, keep it from going mainstream.
-
ISP shutdown latest cat-and-mouse game with hackers
-
-
Privileged account management critical to data security
Regulatory requirements and economic realities are pressuring enterprises to secure their privileged accounts.
-
Unified threat management products gaining midmarket, enterprise foothold
Unified threat management (UTM) appliances offer consolidated security services in a single, manageable firewall/VPN appliance. But purchase and use only the security options you need. Otherwise you will pay too much for the appliance and for tools that won't make your business more secure
-
Privileged account management critical to data security
-
Columns
-
Editor's Desk: Google security needs HTTPS by default
Security's leading thinkers ask Google to turn on HTTPS by default for Gmail, Docs and Calendar.
-
Align your data protection efforts with GRC
Data protection and compliance teams battle for resources but need each other to succeed.
-
Editor's Desk: Google security needs HTTPS by default
More Premium Content Accessible For Free
Compliance and risk modeling
E-Zine
You can fight compliance or embrace it, but one way or the other, you can’t escape it. Increasingly, smart organizations are not just accepting ...
Essentials: Threat detection
E-Zine
Antivirus and intrusion prevention aren’t the threat detection stalwarts they used to be. With mobile endpoints and new attack dynamics, enterprises ...
Managing identities in hybrid worlds
E-Zine
The world in which successful IAM programs must be implemented is increasingly complex, a mix of legacy on-premise IAM infrastructures, cloud-based ...