As a Unix/Linux System Administrator or security professional your purpose is to manage users of your information system and allow only limited access based on a user’s needs. As you are aware though, users can mess things up. It could be anything from a novice administrator who goes beyond their knowledge level, an application developer running a script with root privileges, or a hacker accessing your system. Ultimately you are responsible and you don’t want to have to explain how a breach or loss of information happened occurred, or clean up the mess.
Controlling what users can and cannot do once they have accessed a Unix or Linux server within your environment is the main goal of every systems administrator and security analyst. Unix and Linux systems require an account for users to access the system, and are typically only accessed directly by people when they are performing administrative activity on the operating system, an application or data. The system itself requires certain accounts to function properly and applications require some form of account on a server to work properly.
Managing these privileges can be done in many ways, and with many tools. One of the best methods though, is with a privileged access management tool, preferably one that allows for centralized management of your system.
This webinar will introduce you to 12 best practices for Unix/Linux privileged identity and access management. We will cover:
- Types of Linux accounts
- How to secure your privileged accounts
- Using Linux built-in monitoring tools
- Unix & Linux control
- How to best manage accounts
- The best way to implement least privilege
- Best technique for managing passwords
- How to eliminate the use of shared accounts
- How to control access
- Using logs to audit accounts
- Best method for managing and recording privileged activity on your system
- Alerting and notification
- How to centralize and unify your system
Derek A. Smith is an expert at cybersecurity, cyber forensics, healthcare IT, SCADA security, physical security, investigations, organizational leadership and training. He is currently an IT Supervisor at the Internal Revenue Service. He is also owner of The Intercessors Investigative and Training Group (www.theintercessorgroup.com). Formerly, Derek worked for several IT companies including Computer Sciences Corporation and Booz Allen Hamilton. Derek spent 18 years as a special agent for various government agencies and the military. He is also a cyber security professor at the University of Maryland, University College and Virginia University of Science and Technology and has taught for over 25 years. Derek is retired from the US Army and also served in the US Navy, and Air Force for a total of 24 years. He is completing his Doctorate Degree in Organizational Leadership and has completed an MBA, MS in IT Information Assurance, Masters in IT Project Management, and a BS in Education. Derek has written several books including Cybersense: The Leaders Guide to Protecting Critical Information, and its companion workbook, and he has contributed to several other books as an author and technical adviser.
