Security best practices and regulations such as FISMA require that access to sensitive data and servers be granted only to those who need it, and that those individuals are granted only the privileges they need. This "least-privilege" model is challenging to implement, particularly in Linux and UNIX environments, where administrators commonly share passwords to root or other superuser accounts. View this Webinar now to learn:
How to tie UNIX and Linux entitlements to individuals by leveraging Microsoft Active Directory
Why tools such as sudo are not sufficient in delivering the world-class security IT managers need
What the baseline requirements are for implementing a least-privilege security model based on user roles
Security best practices and regulations such as FISMA share some common requirements: that access to sensitive data and servers be granted only to those whose job function requires it, and that those individuals are granted only the privileges they need to perform their duties. This "least-privilege" security model has obvious merits in theory, but in practice it can be challenging to implement, particularly in Linux and UNIX environments, where it is still all too common for administrators to share passwords to root or other superuser accounts.
How, for example, do you give backup administrators the superuser privilege to copy a database and move it to another volume without giving them access to the database itself? While sudo and other tools provide some help, they can be cumbersome to manage and implement and become unworkable in complex environments with hundreds of heterogeneous servers and multiple administrators with widely varying job roles and authority.
This webinar will:
Examine the real-world challenges around tying entitlements to individuals instead of to root or generic accounts
Describe the baseline requirements for implementing a least-privilege security model based on user roles
Explain why existing tools such as sudo fall short in delivering enterprise-class security and manageability
Show you the value of leveraging Active Directory's centrally managed identities and its rich group- and role-based management capabilities to provide access control and privilege management services to Linux and UNIX systems
Demonstrate how the Centrify Suite provides an integrated, consistent and cost-effective solution for least-privilege security management across some 200 of the most widely used versions of Linux and UNIX
As Chief Strategy Officer at Centrify, McNeely works with customers to drive the roadmap for Centrify's award-winning identity and access management solutions. He has worked in the identity and access management market for over 16 years, holding various product marketing and management positions at ActivIdentity, AOL, iPlanet and Netscape. At Netscape and iPlanet, he was the director of product management for the Directory and Security product line, where he first promoted the concept of a centralized directory for all identity and access management.
Dr. Schultz is the Chief Technology Officer at Emagined Security, an information security consultancy based in San Carlos, California. He is the author/co-author of five books: one on Unix security, another on Internet security, a third on Windows NT/2000 security, a fourth on incident response, and the latest on intrusion detection and prevention. He has also written over 120 published papers. He is a member of the editorial board for the SANS NewsBites, a weekly information security-related news update, co-author of the 2005 and 2006 Certified Information Security Manager preparation materials, and is on the technical advisory board of three companies.