Like UNIX, at its core, Linux's secure model is basically monolithic. You either have root access or you don't. But root access is too powerful for so many reasons. And routinely using the actual root account – while easy and still frighteningly common – is so dangerous it borders on negligent. Auditors know about root and what questions to ask. In fact some auditors already have their risk findings written up regarding root and privileged access before they even begin assessing your environment.
The good news is that there are a variety of things built on top if Linux to make privileged access more granular, more accountable, more auditable and overall more secure and in this webinar Randy Franklin Smith will show you how root access and least privilege management works in Linux. You will learn about how administrators can still do their work efficiently without logging on as root. He will show you how sudo works and how you can use sudo to:
- limit which commands users can execute
- ensure accountability between admins
- eliminate logons as root
- create least privilege profiles that allow people to get their work down without sacrificing security
We will also discuss things like:
- How to monitor misuse of root access
- How to protect root accounts and passwords
- Controlling shell access
- Auditing logons, commands and other activity
Join us for this technical and practical webinar. Then Paul Harper will briefly show how with BeyondTrust you can take privileged access control to the next level and implement true least privilege effortlessly across multiple systems from a central point of control. Don't miss this real training for free™ event. Please register now.
Randy Franklin Smith is an internationally recognized expert on the security and control of Windows and Active Directory security who specializes in Windows and Active Directory security. He performs security reviews for clients ranging from small, privately held firms to Fortune 500 companies, national, and international organizations.
Randy Franklin Smith began his career in information technology in the 1980s developing software for a variety of companies. During the early 1990s, he led a business process re-engineering effort for a multi-national organization and designed several mission critical, object-oriented, client/server systems. As the Internet and Windows NT took off, Randy focused on security and led his employer's information security planning team. In 1997, he formed Monterey Technology Group, Inc. where he serves as President.
- Certified Information Systems Auditor (CISA)
- Microsoft Security Most Valuable Professional (MVP)
- Systems Security Certified Professional (SSCP)
- Information Systems Security Association (ISSA)
- Information Systems Audit and Control Association (ISACA)
- Center for Internet Security (CIS)