Press Release

OSM releases Privileged User Management solution to improve security of UNIX and Linux systems
OSM's COSduty-SSA software gives UNIX and Linux users the ability to improve compliance with legislation by reducing the need to grant unrestricted administrative access rights – thereby reducing risks of internal security breaches.
ASCOT, UK and SEATTLE, WA, USA. July 14th, 2004: UK and USA based software house, Open Systems Management Ltd. ("OSM") today announced the general availability of its Secure Shell Auditing ("COSduty-SSA") module for users of UNIX and Linux systems. The release means that such user organizations now have the means to restrict, and report on, access by administration staff who would otherwise require unrestricted access rights to perform their day-to-day functions.

Organizations using UNIX or Linux systems for critical business processes face an increasing number of security and legislative issues. They are being pressured to improve access security by legislation, internal and external auditing requirements, and general security concerns, yet it is a feature of these operating systems that administrators require access at a level that would allow them to view and change critical data without being audited. UNIX and Linux systems allow only two levels of user – a named user who can only access and change their own files, and 'root' which has unlimited rights. Administrators require the latter.

Recent legislation such as Sarbanes-Oxley in the USA and the European Directives require board members of public companies to be accountable for the integrity of the financial information they disclose to shareholders. It is reasonable to assume that such integrity cannot be ensured if someone has unlimited access to critical information in an unmonitored, unaudited environment.

COSduty-SSA provides the control and auditing required to prove due diligence while providing real operational efficiency gains. SSA is combined with OSM's COSduty Operations Workflow Management software to reduce or remove the need for 'root' access. COSduty enables an end user organization to encapsulate processes requiring 'root' privileges in a Graphical User Interface (GUI) and delegate them to operations level staff in a controlled and audited manner.
In this way the process may demand 'root' privileges to execute but the user carrying out the process is not granted the 'root' capability. The same approach can be used to restrict other privileged management accounts such as 'admin' privileges on MS Windows or DBA privileges on databases.

Even when using COSduty it is still likely that 'root' privilege will have to be granted on an exceptional basis and the SSA module provides a method to control its use. Administrators have to request a 'root' session on a particular system at a particular time and are then granted access, or not, with an appropriate sub-set of commands needed to perform the required task. All keystrokes are audited and may be analyzed for potential abuse.

A recent survey conducted by PricewaterhouseCoopers on behalf of the UK's Department of Trade and Industry found that over 90% of larger companies had a malicious security incident over the last year. Most attacks were caused either by viruses or "inappropriate" use of IT systems by staff. The average cost of an incident for a larger company was £120,000 (US$220,000). Those caused by staff were the most persistent.

Roberta Witty, Research Director at Gartner said, "If Linux systems are to be adopted for mission critical applications within the enterprise, then careful and consistent management of identity information is vital to the adoption success."

OSM's CEO, Neil Chaney, said "UNIX is currently the leading operating system for hosting large ERP and other critical financial systems, and Linux is following it into the data center. Security officers will have a major issue in reaching compliance with existing and forthcoming legislation if they do not restrict the use of the administration accounts."

Gerry Gebel, analyst, Burton Group said, "To fully realize all the benefits of Linux and open source systems, enterprises must incorporate these new platforms into their identity management strategy."
COSduty-SSA is available immediately from OSM as a stand-alone product. Similar, but limited, process delegation functionality is incorporated into OSM's Identity Management software – COSuser (www.cosuser.com). A white paper on COSduty-SSA can be downloaded from www.cosduty.com/Resources

About OSM

Open Systems Management (OSM) — a privately held company, founded in 1988 and based out of Ascot, UK; Seattle, WA, USA; Baltimore, MD, USA and Perth, Australia — develops and markets several products for system, security and identity management for enterprises having UNIX and/or Linux servers and Microsoft Windows systems in their data center environment. OSM is backed by 3i, Europe's largest venture capital investment company. Notable customers include Bloomberg, Iams, Lloyds TSB Bank, West Corp. and Northumbrian Water.

Web addresses: http://www.cosduty.com and http://www.osmcorp.com.

Media and analyst contact: Derek Harris
All trademarks and
registered trademarks of products mentioned