For organizations that are serious about incorporating strong privileged access management into their security program, there is no question that a commercial product is better suited than an open source offering such as sudo. Eliminating the possibility of malicious behavior using strong controls, centralized log file collection, and centralized policy management is far better than relying on questionable, difficult to manage controls delivered within sudo. In calculating an acceptable level of risk to your tier-1 Unix and Linux systems, all of these costs and benefits must be considered. If in doubt, remember the old adage—there is no such thing as a free lunch.

Read more.