News
BeyondTrust PowerBroker for Sudo Simplifies System Management, Increases Security and Improves Compliance
December 2015 by Marc Jacob
BeyondTrust®, a global cyber security company that believes preventing data breaches requires the right visibility to enable control over internal and external risks, announced today BeyondTrust PowerBroker for Sudo, which simplifies system management by providing centralized policy, logging and version control with change management for multiple sudoers files.
Organizations have recognized that granting excessive privileges, including root, increase risks with respect to misuse, malware and mistakes. To help address this concern administrators have turned to sudo. However, as many administrators have learned that – although free – using sudo for Unix or Linux privilege management is a complex and time-consuming effort, and often does not provide the level of controls required to comply with internal and external IT regulations. But replacing sudo is not an easy task. For those looking to maintain sudo, it’s very difficult for Unix and Linux administrators to do without some form of centralized management. In addition, properly managing the log data is almost always a losing battle for most admins.
With simplified policy management, PowerBroker for Sudo enables organizations to reduce the time spent on administration, increase the security and reliability of event and session log data, and improve visibility into entitlements. Additionally, PowerBroker for Sudo offers a simplified migration strategy for customers looking to eventually move from sudo to a full privilege management solution like PowerBroker for Unix and Linux.
Key Capabilities of PowerBroker for Sudo:
• Simplified Policy Management – Centralize policy files in a single management location, and group hosts with common sudoers files using the simple Group Alias feature. Alternatively, the solution also allows each host its own sudoers file or use of hybrid of Individual and Grouped sudoers files.
• Full Change Management – Approve changes, implement version control and roll-back centralized ‘sudoers’ files to help achieve compliance.
• Centralize Log Data – All commands elevated using sudo are recorded in the centralized event log. Organizations can securely transmit and store keystroke logs to a dedicated and centralized server.
• Migration Path to Full Unix and Linux Privilege Management – Centralized database, sudo policy, management, logging and change control provides a simplified migration strategy for organizations looking to move from sudo.
