White Papers

Cloud Computing

Securing Privilege Delegation in Public and Private Cloud Computing Infrastructure This white paper discusses the drivers for data centers moving to the cloud, the role of virtualization in both public and private cloud infrastructures and outlines the security and compliance implications of cloud computing - providing insight into the protection of sensitive data in the cloud via administrative access and privileged delegation.

Privileged Access Lifecycle Management (PALM)

Privilege. Made Simple ~ Privilege Identity Management (PIM) demystified In an effort to improve business security, compliance and productivity, privilege authorization policies must be redesigned and user permissions more granularly managed. Yet identity and access management (IAM) solutions have remained largely unchanged. Traditional solutions account for a significant part of the total cost of IAM, a staggering amount when you consider that these solutions fail to control superuser access to critical servers, and fail to enable desktop users to effectively perform their job.

Privileged Access Lifecycle Management: How PALM Enables Security, Compliance, and Efficiency for Enterprise IT Strengthening security, maintaining compliance, and achieving efficiencies and economies of scale are top-of-mind issues for enterprise IT executives. In this paper, IDC examines the role of identity and access management (IAM) solutions in addressing these needs and specifically looks at the role privileged access lifecycle management (PALM) can play in helping heterogeneous organizations proactively refine their strategies regarding privileged access management controls, cross-platform monitoring, and automated workflow capabilities.

PowerBroker for Servers

How Secure is your sudo? This white paper will illustrate certain positive situations where open source solutions like sudo often work in smaller scale enterprises. However, this white paper will also spotlight red flags that relate to larger companies or companies experiencing significant IT growth.

BeyondTrust PowerBroker: Root Access Risk Control for the Enterprise Compliance efforts and security concerns have driven businesses to make substantial investments in threat control. Too often, however, these efforts pay far too little heed to the risks posed by poorly controlled access to administrative privilege in IT, which can have a hugely disproportionate impact on the business.

From Trust to Process: Closing the Risk Gap in Privileged Access Control High-privilege administrative accounts hold the keys to gain access to the most sensitive IT processes and proprietary data—yet this level of access is far too often based on little more than trust alone. In this whitepaper, Enterprise Management Associates (EMA) examines this critical issue in IT security administration in light of the BeyondTrust approach to helping businesses move from a trust-based system to a secure, auditable process in order to provide a higher standard of control and better support for regulatory compliance.

The Pursuit of a Standardized Solution for Secure Enterprise RBAC Using PowerBroker for Servers to implement role-based access control allows an organization to efficiently deploy key security and compliance requirements not always found in operating system (OS) RBAC implementations, including separation of duties and audit trails.

PCI DSS Compliance in the UNIX/Linux Datacenter Environment This document explains how BeyondTrust PowerBroker supports the Payment Card Industry Data Security Standard (PCI DSS) by limiting and tracking authorization to execute commands and programs that access servers and applications storing and using proprietary cardholder.

Meeting the Access Security Requirements of Sec 404 of the Sarbanes-Oxley Act in a Heterogeneous UNIX/Linux Environment This document addresses how an organization can use BeyondTrust’s PowerBroker® and PowerPassword-UME® identity and access management solutions (IAM) for UNIX/Linux access security to meet and demonstrate compliance with Sarbanes-Oxley (SOX) Sec 404 requirements for effectiveness of internal controls for financial reporting requirements.

Passing UNIX/Linux Audits and Meeting Regulatory Compliance This white paper explains why the design of UNIX and Linux systems prevents them from passing today's security and compliance audits, and how BeyondTrust PowerBroker can bring these systems into compliance with multiple mandates such as PCI DSS (the Payment Card Industry Data Security Standard), the Sarbanes-Oxley Act (SOX), the Health Insurance Portability and Accountability Act (HIPAA), and the Gramm-Leach Bliley Act (GLBA).

Using PowerBroker Servers for Compliance with the Gramm-Leach-Bliley Act This paper explains how PowerBroker for Servers supports compliance with the Gramm-Leach-Bliley Financial Services Modernization Act of 1999 (GLBA), protecting consumers' non-public personal information (NPI) on Unix and Linux systems.

PowerBroker Desktops
*Formerly Privilege Manager

Least Privilege Application Compatibility for Windows 7 Migrations This paper will give you an overview of the new technologies built into Windows 7 and how those technologies can help you in your migration. We will also surface some of the confusion around what those technologies mean from a security perspective, especially when removing administrative privileges from your users.

BeyondTrust 2009 Microsoft Vulnerability Analysis This report shows that the removal of administrator rights from Windows users is a mitigating factor for 90% of Critical Windows 7 Vulnerabilities. The results demonstrate that as companies migrate to Windows 7 they’ll need to implement a desktop Privileged Identity Management solution, such as PowerBroker Desktops, in order to reduce the severity or prevent the exploitation of undiscovered or unpatched vulnerabilities and to ensure that their users can operate effectively without administrator rights.

Reducing the Threat from Microsoft Vulnerabilities This BeyondTrust Report investigates all vulnerabilities published in Microsoft’s 2008 Security Bulletins and reports on vulnerabilities that are mitigated by configuring users to operate without administrator rights. The results show that companies can reduce the threat from Microsoft vulnerabilities, experience greater protection from zero-day threats and reduce risk by removing administrator rights.

Building a Secure and Compliant Windows Desktop Virtually every organization is being compelled to improve client security. Auditors, regulators and business unit owners all recognize the threat unsecured desktops pose, and understand the need to comply with the myriad of regulatory and governance issues that make today’s headlines. While removing administrator rights from end users may be the Holy Grail of desktop security, doing so can have an impact on the everyday activities an end user needs to do for their job. Read this white paper to discover powerful strategies to effectively remove administrator rights and improve desktop security.

Applying the Principle of Least Privilege across the Enterprise When users login to their computers with local administrator privileges, they greatly increase the risk of security breaches by viruses, malware and malicious users. By removing administrative privileges and implementing the security best practice of Least Privilege, these threats can be avoided and network security increased. However, when managing a least privilege computing environment systems must not only be locked down, but also still allow end users to perform all necessary tasks for their jobs. This paper presents several least privilege implementation options.

Fulfilling Compliance by Eliminating Admin Rights There’s a problem with the widespread distribution of administrator rights in your organization, and it has nothing to do with security. That problem is compliance: Compliance with the industry, governmental, and regulatory statutes that define certain configurations within your IT infrastructure. Although many of those configurations are mandated to enforce a greater level of security control, your job as IT professional is to ensure their fulfillment.

PowerBroker Directory Integrator

From Trust to Process: Closing the Risk Gap in Privileged Access Control High-privilege administrative accounts hold the keys to gain access to the most sensitive IT processes and proprietary data—yet this level of access is far too often based on little more than trust alone. In this whitepaper, Enterprise Management Associates (EMA) examines this critical issue in IT security administration in light of the BeyondTrust approach to helping businesses move from a trust-based system to a secure, auditable process in order to provide a higher standard of control and better support for regulatory compliance.

PowerBroker Password Safe

From Trust to Process: Closing the Risk Gap in Privileged Access Control High-privilege administrative accounts hold the keys to gain access to the most sensitive IT processes and proprietary data—yet this level of access is far too often based on little more than trust alone. In this whitepaper, Enterprise Management Associates (EMA) examines this critical issue in IT security administration in light of the BeyondTrust approach to helping businesses move from a trust-based system to a secure, auditable process in order to provide a higher standard of control and better support for regulatory compliance.

A Process-based Approach to Protecting Privileged Accounts & Meeting Compliance An Introduction to PowerBroker Password Safe® This paper discusses best practices for privileged account access management and privileged password management (PPM), and shows how BeyondTrust’s PowerBroker Password Safe user access control appliance creates a "defense in depth" across the IT portfolio.

Twelve Steps to Safeguarding Critical Data and Meeting PCI Compliance with PowerBroker Password Safe This document shows how PowerBroker Password Safe, a secure, hardened appliance that automates privileged password management, supports PCI DSS compliance by securing and auditing access to the privileged accounts, systems, and network devices that comprise the cardholder data environment.

How PowerBroker Password Safe® Supports HIPAA Compliance This document explains how PowerBroker Password Safe, a hardened appliance that provides secure storage and access for administrative passwords and encryption keys and certificates can help organizations comply with the HIPAA Final Security Rule.

PowerBroker Management Console

Improving IT Administration Efficiency via Automated Policy & Event Workflows This white paper highlights recommended steps to successfully implement automated policy management processes within Unix/Linux systems using the privileged access lifecycle management framework. Lastly, we will focus on PBMC, the unifying platform solution to centralize policies, reporting and workflow engines, and deliver higher manageability, security and compliance capabilities.

Government Specific

3 Simple Steps To Ensure DIACAP Compliance When it comes to achieving and maintaining DIACAP compliance, PowerBroker for Servers can help you get there. It’s a way to implement a consistent protocol of access control that prevents users from escaping to root, while centrally logging all privileged activity.