Read up on the latest ideas and technologies from companies that sell hardware, software and services. Strategies for Eliminating .PST Files
Email Archiving Implementation: Five Costly Mistakes to Avoid
Best Practice in Building an Integrated Information Management Strategy
Cutting printer costs
Improving Sales Productivity: An Opportunity for Sales and IT Leadership
Solve Exchange Mailbox Storage Issues Once and for All
Email Archiving 101—Customer Case Study
Wireless LANs: Is my enterprise at risk?
Zones provide focussed content from Computerworld and leading technology partners.Newsletter Subscription
Privileged IT staffers literally holds the keys to the castle. Access to those keys that open the doors to critical operating system and application resources must be carefully managed and legally audited. Enter the class of products referred to as privilege account management wares.
Privileged access isn't 'single sign-on", which is more of an end-user convenience issue as well as a security spoofing prevention method. PAM products provide controlled privileged access for IT administrators and power users.
Operating systems running on critical servers and even high-end business applications running on Oracle and SQL Server databases don't always have appropriate ticketing systems for granting privileged access. And there's increasing pressure from both internal auditing and government compliance agencies for companies to know who had privileged access, when they had it, and if at all possible, what was done with the access.
Generally, with controlled privileged access, a request is made by IT staff through the PAM product for a privileged account password.
Most products tested require that all requests be approved. Granting such a request may take more than one administrative nod, as some organizations may choose to use several specific individuals or draw from a pool of individuals that must give a recorded stamp of approval before the privileged password is granted.
The privileged password is only granted for a period of time. The password may expire in short order or be automatically updated by the PAM software to something no one (but the system itself) actually knows at all -- only the PAM system.
There may need to be verification that the password wasn't changed by the then-privileged user -- a check typically accomplished by a shadow privileged account maintained by the PAM system itself -- and perhaps a subsequent action that changes the password and verifies that this has been done so that the new privileged password is known only to the PAM system.
So the key value proposition for any PAM product is access control coupled with referential integrity of privileged passwords.
Using PAM systems may also require a leap of faith as they can take full and total responsibility for the administrative passwords. If you lose their availability -- either by technical glitch or some sort of theft -- all privileged passwords are lost. The PAM database of passwords must also be highly available, meaning that IT should have alternative accessibility measures in place, such as a mirror image or a rapid restoration capability.
Computerworld Member Login
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Fujitsu PC targets Today's Young Adults with the release of the L series 2008-10-14 12:40:00+10
RSA survey shows employees’ everyday behaviours puts sensitive business information at risk 2008-10-14 11:29:00+10
Sound Alliance Group expands with acquisition of Mess+Noise 2008-10-14 08:48:00+10
Sterling Commerce Introduces New Managed File Transfer Capabilities That Cuts Server Change Management Time in Half 2008-10-14 08:41:00+10
Simms Exclusive Distributor of Cygnett MP3 Accessories 2008-10-14 08:10:00+10
Best Practice in Building an Integrated Information Management Strategy
Discover the business value that creating an integrated information platform can bring. Learn how to provide consistent, accurate information to all stakeholders within your business network. Integrate vital data from disparate sources and deliver a trusted information foundation. Read on to uncover the stepping-stones to your new information management strategy.
