In an effort to improve business security, compliance and
productivity, privilege authorization policies must be redesigned
and user permissions more granularly managed. Yet identity
and access management (IAM) solutions have remained largely
unchanged. Traditional solutions account for a significant
part of the total cost of IAM, a staggering amount when
you consider that these solutions fail to control superuser
access to critical servers, and fail to enable desktop users
to effectively perform their job.
Strengthening security, maintaining compliance, and achieving
efficiencies and economies of scale are top-of-mind issues
for enterprise IT executives. In this paper, IDC examines
the role of identity and access management (IAM) solutions
in addressing these needs and specifically looks at the
role privileged access lifecycle management (PALM) can play
in helping heterogeneous organizations proactively refine
their strategies regarding privileged access management
controls, cross-platform monitoring, and automated workflow
capabilities.
Compliance efforts and security concerns have driven businesses
to make substantial investments in threat control. Too often,
however, these efforts pay far too little heed to the risks
posed by poorly controlled access to administrative privilege
in IT, which can have a hugely disproportionate impact on
the business.
High-privilege administrative accounts hold the keys to
gain access to the most sensitive IT processes and proprietary
data—yet this level of access is far too often based on
little more than trust alone. In this whitepaper, Enterprise
Management Associates (EMA) examines this critical issue
in IT security administration in light of the BeyondTrust
approach to helping businesses move from a trust-based system
to a secure, auditable process in order to provide a higher
standard of control and better support for regulatory compliance.
Using PowerBroker to implement role-based access control
allows an organization to efficiently deploy key security
and compliance requirements not always found in operating
system (OS) RBAC implementations, including separation of
duties and audit trails.
This white paper explores insider attacks and insider risk,
and shows how to control them by controlling and monitoring
access. The paper describes the more common vulnerabilities
exploited by insider attacks and a method for assessing
insider risk.
This document explains how BeyondTrust PowerBroker supports
the Payment Card Industry Data Security Standard (PCI DSS)
by limiting and tracking authorization to execute commands
and programs that access servers and applications storing
and using proprietary cardholder data.
This paper, written by SANS Organization analysts, compares
and contrasts the differences in features and functionality
between BeyondTrust PowerBroker version 4.0 and the open
source access control product sudo.
This document discusses the use of PowerBroker software
to address some of the security and audit problems inherent
in native UNIX and Linux operating systems.
Secure incoming telnet and rlogin sessions and all outgoing
user-initiated Internet activities.
This document addresses how an organization can use BeyondTrust’s
PowerBroker® and PowerPassword-UME® identity and access
management solutions (IAM) for UNIX/Linux access security
to meet and demonstrate compliance with Sarbanes-Oxley (SOX)
Sec 404 requirements for effectiveness of internal controls
for financial reporting requirements.
This guide offers tips on avoiding costly password incidents
and formulating new access control policies. Data can be
compromised by trusted users who intentionally – or accidentally
– harm a system through sabotage or theft of proprietary
information. This guide aims to assist System Administrators
and security managers in establishing controls and policies
that protect the enterprise from these threats.
This white paper explains why the design of UNIX and Linux
systems prevents them from passing today's security and
compliance audits, and how BeyondTrust PowerBroker can bring
these systems into compliance with multiple mandates such
as PCI DSS (the Payment Card Industry Data Security Standard),
the Sarbanes-Oxley Act (SOX), the Health Insurance Portability
and Accountability Act (HIPAA), and the Gramm-Leach-Bliley
Act (GLBA).
This paper explains how BeyondTrust PowerBroker supports
compliance with the Gramm-Leach-Bliley Financial Services
Modernization Act of 1999 (GLBA), protecting consumers'
non-public personal information (NPI) on UNIX and Linux
systems.
Bring your UNIX/Linux systems into compliance with FDA Regulation
21 CFR Part 11 requirements.
This document addresses the use of BeyondTrust’s PowerPassword,
User Management Edition (UME) and PowerBroker security software
to meet HIPAA requirements for stringent technical security
controls over patient data.
This document addresses the use of BeyondTrust PowerPassword®,
User Management Edition, BeyondTrust PowerBroker®, and BeyondTrust
PowerKeeper® to meet the requirements of NIST Special Publication
800-53 for UNIX and Linux systems.
This white paper explains the specialized security PowerBroker
and PowerPassword provide for UNIX/Linux systems, and includes
calculators that compute payback, ROI, and automation savings
at different levels of investment for each product.
Safely delegate administrative privileges (including ROOT)
and implement secure logins and strong passwords.
BeyondTrust solutions support FFIEC IS Control requirements.
This paper discusses best practices for privileged account
access management and privileged password management (PPM),
and shows how BeyondTrust’s PowerKeeper user access control
appliance creates a "defense in depth" across the IT portfolio.
This document shows how BeyondTrust PowerKeeper, a secure,
hardened appliance that automates privileged password management,
supports PCI DSS compliance by securing and auditing access
to the privileged accounts, systems, and network devices
that comprise the cardholder data environment.
This document explains how BeyondTrust PowerKeeper, a hardened
appliance that provides secure storage and access for administrative
passwords and encryption keys and certificates, can help
organizations comply with the HIPAA Final Security Rule.
This white paper shows how PowerKeeper's security features
support GLBA compliance in today's climate of more stringent
enforcement.
This white paper highlights recommended steps to successfully implement automated policy management processes within Unix/Linux systems using the privileged access lifecycle management framework. Lastly, we will focus on PSMC, the unifying platform solution to centralize policies, reporting and workflow engines, and deliver higher manageability, security and compliance capabilities.
This BeyondTrust Report investigates all vulnerabilities published in Microsoft’s 2008 Security Bulletins and reports on vulnerabilities that are mitigated by configuring users to operate without administrator rights. The results show that companies can reduce the threat from Microsoft vulnerabilities, experience greater protection from zero-day threats and reduce risk by removing administrator rights.
Virtually every organization is being compelled to improve client security. Auditors, regulators and business unit owners all recognize the threat unsecured desktops pose, and understand the need to comply with the myriad of regulatory and governance issues that make today’s headlines. While removing administrator rights from end users may be the Holy Grail of desktop security, doing so can have an impact on the everyday activities an end user needs to do for their job. Read this white paper to discover powerful strategies to effectively remove administrator rights and improve desktop security.
When users log in to their computers with local administrator privileges, they greatly increase the risk of security breaches by viruses, malware and malicious users. By removing administrative privileges and implementing the security best practice of Least Privilege, these threats can be avoided and network security increased. However, when managing a least privilege computing environment, systems must not only be locked down, but also still allow end users to perform all necessary tasks for their jobs. This paper presents several least privilege implementation options.
When it comes to achieving and maintaining DIACAP compliance,
BeyondTrust’s PowerBroker can help you get there. It’s a
way to implement a consistent protocol of access control
that prevents users from escaping to root, while centrally
logging all privileged activity.
This white paper explains PowerBroker functionality by showing
how the product addresses the NISPOM security categories
developed by the Defense Security Service (DSS), which has
industrial security oversight and assistance responsibility
for the more than 11,000 cleared facilities participating
in the NISP.
This document describes how BeyondTrust PowerBroker® and
PowerPassword® support key requirements specified in Army
Regulation 25-2 for Information Assurance (effective November
14, 2003).
This document describes BeyondTrust PowerPassword® support
for the BITS Master Security Checklist (MSC).
This document describes BeyondTrust Software Support for
FIPS (Federal Information Processing Standards).
BeyondTrust's internal assessment of Common Criteria compliance.
BeyondTrust solutions provide strong access control to address
key requirements defined in the Annex for Section 9 Technical
and Organizational Measures.
Strengthen internal controls and meet KonTraG compliance.
This white paper addresses how IT organizations at financial
institutions can use BeyondTrust’s identity and access management
solutions (IAM) PowerBroker®, and PowerPassword UME® to
help bring their heterogeneous UNIX / Linux environment
into compliance with the Basel II requirements.
Securing UNIX/Linux Networks for Data Privacy Protection
Act Compliance with BeyondTrust PowerPassword® and BeyondTrust
PowerBroker®
"In my opinion, PowerBroker provides the highest degree
of controlled and audited superuser access in the commercial marketplace
today."
"Administrative passwords are the 'keys to the kingdom',
but securely and efficiently managing them can be challenging."
© 1985-2010 BeyondTrust Software, Inc. All rights reserved.
