BeyondTrust Call Us:
US/Canada: 1-800-234-9072
Direct Dial:  1-818-575-4000

  White Papers
Demos & Webcasts

Contact Us
Sales: 1-800-234-9072
Support: 1-818-575-4040

White Papers

  • PALM
  • PSMC
  • PowerBroker
  • Privilege Manager
  • PowerKeeper
  • Government Specific
  • PowerADvantage
  • EMEA (Europe, Middle East, Africa)

  • Privileged Access Lifecycle Management (PALM)
    Strengthening security, maintaining compliance, and achieving efficiencies and economies of scale are top-of-mind issues for enterprise IT executives. In this paper, IDC examines the role of identity and access management (IAM) solutions in addressing these needs and specifically looks at the role privileged access lifecycle management (PALM) can play in helping heterogeneous organizations proactively refine their strategies regarding privileged access management controls, cross-platform monitoring, and automated workflow capabilities.

    PowerBroker
    Compliance efforts and security concerns have driven businesses to make substantial investments in threat control. Too often, however, these efforts pay far too little heed to the risks posed by poorly controlled access to administrative privilege in IT, which can have a hugely disproportionate impact on the business.
    High-privilege administrative accounts hold the keys to gain access to the most sensitive IT processes and proprietary data—yet this level of access is far too often based on little more than trust alone. In this whitepaper, Enterprise Management Associates (EMA) examines this critical issue in IT security administration in light of the BeyondTrust approach to helping businesses move from a trust-based system to a secure, auditable process in order to provide a higher standard of control and better support for regulatory compliance.
    Using PowerBroker to implement role-based access control allows an organization to efficiently deploy key security and compliance requirements not always found in operating system (OS) RBAC implementations, including separation of duties and audit trails.
    This white paper explores insider attacks and insider risk, and shows how to control them by controlling and monitoring access. The paper describes the more common vulnerabilities exploited by insider attacks and a method for assessing insider risk.
    This document explains how BeyondTrust PowerBroker supports the Payment Card Industry Data Security Standard (PCI DSS) by limiting and tracking authorization to execute commands and programs that access servers and applications storing and using proprietary cardholder.
    This paper, written by SANS Organization analysts, compares and contrasts the differences in features and functionality between BeyondTrust PowerBroker version 4.0 and the open source access control product sudo.
    This document discusses the use of PowerBroker software to address some of the security and audit problems inherent in native UNIX and Linux operating systems.
    Secure incoming telnet and rlogin sessions and all outgoing user-initiated Internet activities.
    This document addresses how an organization can use BeyondTrust’s PowerBroker® and PowerPassword-UME® identity and access management solutions (IAM) for UNIX/Linux access security to meet and demonstrate compliance with Sarbanes-Oxley (SOX) Sec 404 requirements for effectiveness of internal controls for financial reporting requirements.
    This guide offers tips on avoiding costly password incidents and formulating new access control policies. Data can be compromised by trusted users who intentionally – or accidentally – harm a system through sabotage or theft of proprietary information. This guide aims to assist System Administrators and security managers in establishing controls and policies that protect the enterprise from these threats.
    This white paper explains why the design of UNIX and Linux systems prevents them from passing today's security and compliance audits, and how BeyondTrust PowerBroker can bring these systems into compliance with multiple mandates such as PCI DSS (the Payment Card Industry Data Security Standard), the Sarbanes-Oxley Act (SOX), the Health Insurance Portability and Accountability Act (HIPAA), and the Gramm-Leach Bliley Act (GLBA).
    This paper explains how BeyondTrust PowerBroker supports compliance with the Gramm-Leach-Bliley Financial Services Modernization Act of 1999 (GLBA), protecting consumers' non-public personal information (NPI) on UNIX and Linux systems.
    Bring your UNIX/Linux systems into compliance with FDA Regulation 21 CFR Part II requirements.
    This document addresses the use of BeyondTrust’s PowerPassword, User Management Edition (UME) and PowerBroker security software to meet HIPAA requirements for stringent technical security controls over patient data.
    This document addresses the use of BeyondTrust PowerPassword®, User Management Edition, BeyondTrust PowerBroker®, and BeyondTrust PowerKeeper® to meet the requirements of NIST Special Publication 800-53 for UNIX and Linux systems.
    This white paper explains the specialized security PowerBroker and PowerPassword provide for UNIX/Linux systems, and includes calculators that compute payback, ROI, and automation savings at different levels of investment for each product.
    Safely delegate administrative privileges (including ROOT) and implement secure logins and strong passwords.
    BeyondTrust solutions support FFIEC IS Control requirements.

    PowerADvantage
    High-privilege administrative accounts hold the keys to gain access to the most sensitive IT processes and proprietary data—yet this level of access is far too often based on little more than trust alone. In this whitepaper, Enterprise Management Associates (EMA) examines this critical issue in IT security administration in light of the BeyondTrust approach to helping businesses move from a trust-based system to a secure, auditable process in order to provide a higher standard of control and better support for regulatory compliance.

    PowerKeeper
    High-privilege administrative accounts hold the keys to gain access to the most sensitive IT processes and proprietary data—yet this level of access is far too often based on little more than trust alone. In this whitepaper, Enterprise Management Associates (EMA) examines this critical issue in IT security administration in light of the BeyondTrust approach to helping businesses move from a trust-based system to a secure, auditable process in order to provide a higher standard of control and better support for regulatory compliance.
    This white paper explores insider attacks and insider risk, and shows how to control them by controlling and monitoring access. The paper describes the more common vulnerabilities exploited by insider attacks and a method for assessing insider risk.
    This paper discusses best practices for privileged account access management and privileged password management (PPM), and shows how BeyondTrust’s PowerKeeper user access control appliance creates a "defense in depth" across the IT portfolio.
    This document shows how BeyondTrust PowerKeeper, a secure, hardened appliance that automates privileged password management, supports PCI DSS compliance by securing and auditing access to the privileged accounts, systems, and network devices that comprise the cardholder data environment.
    This document explains how BeyondTrust PowerKeeper, a hardened appliance that provides secure storage and access for administrative passwords and encryption keys and certificates, can help organizations comply with the HIPAA Final Security Rule.
    This white paper shows how PowerKeeper's security features support GLBA compliance in today's climate of more stringent enforcement.

    PowerSeries Management Console

    Improving IT Administration Efficiency via Automated Policy & Event Workflows

    This white paper highlights recommended steps to successfully implement automated policy management processes within Unix/Linux systems using the privileged access lifecycle management framework. Lastly, we will focus on PSMC, the unifying platform solution to centralize policies, reporting and workflow engines, and deliver higher manageability, security and compliance capabilities.
    Privilege Manager

    Reducing the Threat from Microsoft Vulnerabilities

    This BeyondTrust Report investigates all vulnerabilities published in Microsoft’s 2008 Security Bulletins and reports on vulnerabilities that are mitigated by configuring users to operate without administrator rights. The results show that companies can reduce the threat from Microsoft vulnerabilities, experience greater protection from zero-day threats and reduce risk by removing administrator rights.

    Building a Secure and Compliant Windows Desktop

    Virtually every organization is being compelled to improve client security. Auditors, regulators and business unit owners all recognize the threat unsecured desktops pose, and understand the need to comply with the myriad of regulatory and governance issues that make today’s headlines. While removing administrator rights from end users may be the Holy Grail of desktop security, doing so can have an impact on the everyday activities an end user needs to do for their job. Read this white paper to discover powerful strategies to effectively remove administrator rights and improve desktop security.

    Applying the Principle of Least Privilege across the Enterprise

    When users login to their computers with local administrator privileges they greatly increase the risk of security breaches by viruses, malware and malicious users. By removing administrative privileges and implementing the security best practice of Least Privilege these threats can be avoided and network security increased. However, when managing a least privilege computing environment systems must not only be locked down, but also still allow end users to perform all necessary tasks for their jobs. This paper presents several least privilege implementation options.

    Government Specific
    When it comes to achieving and maintaining DIACAP compliance, BeyondTrust’s PowerBroker can help you get there. It’s a way to implement a consistent protocol of access control that prevents users from escaping to root, while centrally logging all privileged activity.
    This white paper explains PowerBroker functionality by showing how the product addresses the NISPOM security categories developed by the Defense Security Service (DSS), which has industrial security oversight and assistance responsibility for the more than 11,000 cleared facilities participating in the NISP.
    This document describes how BeyondTrust PowerBroker® and PowerPassword® support key requirements specified in Army Regulation 25-2 for Information Assurance (effective November 14, 2003).
    This document describes BeyondTrust PowerPassword® support for the BITS Master Security Checklist (MSC).
    This document describes BeyondTrust Software Support for FIPS (Federal Information Processing Standards).
    BeyondTrust's internal assessment of Common Criteria compliance.

    EMEA (Europe, Middle East, Africa)
    BeyondTrust solutions provide strong access control to address key requirements defined in the Annex for Section 9 Technical and Organizational Measures.
    Strengthen internal controls and meet KonTraG compliance.
    This white paper addresses how IT organizations at financial institutions can use BeyondTrust’s identity and access management solutions (IAM) PowerBroker®, and PowerPassword UME® to help bring their heterogeneous UNIX / Linux environment into compliance with the Basel II requirements.
    This document addresses how an organization can use BeyondTrust’s PowerBroker® and PowerPassword-UME® identity and access management solutions (IAM) for UNIX/Linux access security to meet and demonstrate compliance with Sarbanes-Oxley (SOX) Sec 404 requirements for effectiveness of internal controls for financial reporting requirements.
    Securing UNIX/Linux Networks for Data Privacy Protection Act Compliance with BeyondTrust PowerPassword® and BeyondTrust PowerBroker®

    HIPAA Security - HIPAA Compliance - SOX Audits - SOX Compliance Tool - SOX Section 404


    "In my opinion, PowerBroker provides the highest degree of controlled and audited superuser access in the commercial marketplace today."

    — UNIX Systems Consulting Firm

    "Administrative passwords are the 'keys to the kingdom', but securely and efficiently managing them can be challenging."

    - Information Security

     


    © 1985-2010 BeyondTrust Software, Inc. All rights reserved.

    Site MapContact UsPrivacy Policy/ California Privacy RightsHome