This paper explains how PowerBroker Servers supports compliance with the Gramm-Leach-Bliley Financial Services Modernization Act of 1999 (GLBA), protecting consumers' non-public personal information (NPI) on Unix and Linux systems.
This document addresses how an organization can use BeyondTrust’s Identity and Access Management solutions (IAM) for UNIX/Linux to meet and demonstrate compliance with Sarbanes-Oxley (SOX) Sec 404 requirements for effectiveness of internal controls and financial reporting requirements.
In an effort to improve business security, compliance and productivity, privilege authorization policies must be redesigned and user permissions more granularly managed. Yet Identity and Access Management (IAM) solutions have remained largely unchanged. Traditional solutions account for a significant part of the total cost of IAM, a staggering amount when you consider that these solutions fail to control superuser access to critical servers and fail to enable desktop users to effectively perform their jobs.
Though not publicized or romanticized by the Information Technology community, Unix/Linux OS users have passionately embraced one of three approaches: implementing open source privileged identity management solutions (e.g., sudo), implementing commercial solutions that are more user friendly, or not implementing anything at all. Though highly disputed, the fact of the matter is that both solution types do work, and both bring high value depending upon the IT environment they are managing.
This white paper will illustrate certain positive situations where open source solutions like sudo often work in smaller scale enterprises. However, this white paper will also spotlight red flags that relate to larger companies or companies experiencing significant IT growth.
This white paper explains why the design of UNIX and Linux systems prevents them from passing today's security and compliance audits, and how BeyondTrust PowerBroker can bring these systems into compliance with multiple mandates, such as PCI DSS (Payment Card Industry Data Security Standard), the Sarbanes-Oxley Act (SOX), the Health Insurance Portability and Accountability Act (HIPAA), and the Gramm-Leach-Bliley Act (GLBA).
Using PowerBroker Servers to implement role-based access control allows an organization to efficiently deploy key security and compliance requirements not always found in operating system (OS) RBAC implementations, including separation of duties and audit trails.
This IDC Vendor Profile profiles BeyondTrust, a market leader in the Privileged Identity Management (PIM) space. In this Vendor Profile, IDC defines the market drivers for PIM technology and outlines the BeyondTrust approach to solving this issue for both enterprise and government entities.
This BeyondTrust report investigates all vulnerabilities published by The National Institute of Standards and Technology (NIST) sudo Security Bulletins. It reports on vulnerabilities that are mitigated by configuring users to operate without the root password to UNIX and Linux operating systems. The results show that despite unpredictable and evolving attacks, companies can greatly reduce risks and threats from a myriad of security vulnerabilities by withholding root access from IT staff.
Compliance efforts and security concerns have driven businesses to make substantial investments in threat control. Too often, however, these efforts pay far too little heed to the risks posed by poorly controlled access to administrative privilege in IT, which can have a hugely disproportionate impact on the business. Without putting more effective controls on high-privilege access such as the UNIX or Linux root account, enterprises not only expose the most business-critical IT assets to the most fundamental level of risk, they also expose trustworthy administrators to the consequences of privilege abuse by others. Commodity tools such as sudo often have gaps in the level of control, scalability and support the enterprise realistically needs. In this paper, ENTERPRISE MANAGEMENT ASSOCIATES® (EMA™) analysts examine BeyondTrust PowerBroker, a more comprehensive solution designed to close these gaps for the enterprise with provable control.
When it comes to achieving and maintaining DIACAP compliance, PowerBroker for Servers can help you get there. It’s a way to implement a consistent protocol of access control that prevents users from escaping to root, while centrally logging all privileged activity.
This white paper highlights recommended steps to successfully implement automated policy management processes within UNIX/Linux systems using the privileged access lifecycle management framework. Lastly, we will focus on PSMC, the unifying platform solution to centralize policies, reporting and workflow engines, and deliver higher manageability, security and compliance capabilities.
Linux mastermind Sander van Vugt gives an overview of the current options that are available in the Linux operating system and discusses some features that can cause potential problems in modern enterprise environments. He gives his perspective on Linux and how it has evolved through the years and discusses performing administrative tasks at length, including the benefits and disadvantages of using su, policykit and sudo for admin delegation.
This document explains how BeyondTrust PowerBroker supports the Payment Card Industry Data Security Standard (PCI DSS) by limiting and tracking authorization to execute commands and programs that access servers and applications storing and using proprietary cardholder.