Danger! Admins Run Amuck

As end users we all demand administrator rights. After all, who amongst us wants to be told what not to do? But unfettered admin rights are a hacker’s field day, and a security nightmare. Admin privileges are arguably the easiest and most effective way to compromise an entire network.

The best approach is to balance end user rights with security – to protect worker productivity and the network at the same time.

Centrify Corp. is one of the early entrants into this field, a company this reporter has followed since its very inception. In its early days, Centrify was all about using Microsoft (News - Alert) Active Directory to manage heterogeneous machines, such as Unix and Linux. Active Directory is all about identifying and relating that to privileges and access, and Centrify continues to push that envelope. Part of that is embracing more platforms. Last time I counted that meant over 400 operating systems.

Centrify has a line of tools to handle authentication, role-based compliance reporting and tracking, data encryption, role-based authorization, and system isolation. More recently, Centrify began managing smartphones and tablets through DirectControl for Mobile, which runs in the cloud.

In a webinar Wednesday, “Identity Related Risks: Have you met your Administrators? Sponsored by Centrify,” we’ll dive into how to offer access while keeping malware and hackers at bay.

“Administrative identities are growing at an uncontrolled rate, because every user needs privileges to successfully perform their job. Without a scalable model for managing the life cycle of your users' identities and their associated privileges it becomes standard practice to dole out Local/Domain Administrator accounts to users who manage a single application within the Enterprise,” Centrify explains. “As a result, unanticipated risks originating from more insiders with privileged access to Windows Servers raises threat exposure and the likelihood of failed regulatory audits.”
 

The webinar will show IT pros how to safeguard Windows server infrastructure, and at the same time easing the burden on your real administrators.

According to Centrify, IT pros will learn:

• “How to consistently control user entitlements
• How to accurately track privileged activity and associate it with an individual
• How to simplify management of applications without creating more Administrators”

One option Centrify offers is to do all this through the cloud, not just on-premises, an approach heralded by Bloor Research. “Traditional identity and access management technologies focused primarily on securing access to applications provisioned within the corporate network. Few, if any, catered to the needs of mobile workers or external people, such as suppliers needing to connect to applica­tions without the need for dedicated, secure connections to be imple­mented. Many such systems were complex and lengthy to implement and administrative burdens were high. Their use was largely confined to larger organizations,” said Bloor analyst Fran Howarth. “Organizations looking to facilitate secure access to cloud-based appli­cations and services have a number of options—a portal based in the cloud, one deployed on-premises, or a hybrid mixture of the two. This provides one centralized access point through which enterprise secu­rity policies can be enforced, users’ access rights can be granted and controlled, their identities authenticated securely and authorization to access resources granted.”