|
NEWS RELEASE
|
FOR IMMEDIATE RELEASE
CONTACT:
Leading Solution for Authorization and Access Control within Heterogeneous UNIX and Linux IT Environments Lauded for Delivering “Comprehensive Security Controls through Granular Policies, and Exhaustive Auditing for Rock-Solid Regulatory Compliance”
CONTACT:
|
Ellen Libenson
Symark Software (800) 234-9072 |
Dan Borgasano/Myron
Lee
Schwartz Communications (415) 512-0770 |
SYMARK SOFTWARE’S POWERBROKER 5.0 SELECTED
AS “HOT PICK” BY INFORMATION SECURITY
MAGAZINE
Leading Solution for Authorization and Access Control within Heterogeneous UNIX and Linux IT Environments Lauded for Delivering “Comprehensive Security Controls through Granular Policies, and Exhaustive Auditing for Rock-Solid Regulatory Compliance”
Agoura Hills, Calif.—October
15, 2007—Symark Software, the
leading provider of information security
solutions for managing privileged account
access, today announced that its PowerBroker
5.0, the industry’s most comprehensive
solution for authorization and access
control within heterogeneous UNIX/Linux
IT environments, was named a “Hot Pick”
in the October 2007 issue of Information
Security magazine. PowerBroker 5.0 received
an “A” grade in every category of the
review as well as an “A+” for its reporting
capabilities. The complete review is
available online at: http://searchsecurity.techtarget.com/magazineFeature/0,296894,sid14_gci1274446,00.html
“PowerBroker is a scalable solution that effectively delegates root privileges securely and provides excellent audit trails for regulatory compliance,” writes Sandra Kay Miller, contributing editor for Information Security. “Symark PowerBroker solves the dilemma of providing root access privileges to multiple users on UNIX-based systems without compromising security. It delivers comprehensive security controls through granular policies, and exhaustive auditing for rock-solid regulatory compliance. PowerBroker's greatest capability is logging and reporting. Ad hoc and custom reports are easily set up and run from the Web-based report utility, drawing from massive amounts of information in the encrypted log files.”
PowerBroker protects the root account from internal exploitation by rogue employees or hackers that have breached the network. By granularly delegating what tasks can be performed as the root password and by whom, PowerBroker helps prevent the alteration or deletion of critical system files, unauthorized access of confidential data and the deletion of logged events and audit trails. Totally non-intrusive, the program reduces the risk of accidental damage, theft of digital assets, or malicious activities without altering or disrupting the operating system—a practice that can violate software and systems warranties.
“By assigning root-level privileges based upon role, the actual root password is never revealed. Policies can also be assigned based upon user authentication through centralized repositories such as LDAP and SSO systems. The new access control lists allow those unfamiliar with programming or shell scripts to write policies that control privileges through global categories such as user, system, command, time of day and day of week,” writes Miller. “We were impressed by the control that can be assigned to users based on role and circumstance. For example, we elevated privileges of users so they could access a particular system, such as a Web server, as root, while denying similar root privileges to a mail server. Security features include blocking predefined keystrokes, automatic termination of idle root sessions, and checksum comparisons to identify potential malicious code.”
The new entitlement reporting functionality included in PowerBroker 5.0 lists the commands that systems administrators and other users are authorized to execute, including any constraints applied to their access privileges. This demonstrates to auditors the enforcement of segregation of duties and that steps are being taken to create a secure access control infrastructure. Other new features in PowerBroker 5.0 include comprehensive access control lists, centralized log pooling and packaged installation bundles to facilitate the rapid, efficient deployment of PowerBroker across large heterogeneous environments.
“Because many organizations continue to run mission-critical programs on Linux and UNIX systems, the ability for IT administrators to assign root-level privileges based on role is critical,” said Robert H. Farber, chief operating officer at Symark Software. “This Information Security review affirms what Symark’s customers already know—Symark PowerBroker is the industry’s leading solution for securing administrator passwords, combating insider threats and hackers while allowing organizations to comply with regulations such as PCI DSS, SOX and HIPAA.”
“PowerBroker is a scalable solution that effectively delegates root privileges securely and provides excellent audit trails for regulatory compliance,” writes Sandra Kay Miller, contributing editor for Information Security. “Symark PowerBroker solves the dilemma of providing root access privileges to multiple users on UNIX-based systems without compromising security. It delivers comprehensive security controls through granular policies, and exhaustive auditing for rock-solid regulatory compliance. PowerBroker's greatest capability is logging and reporting. Ad hoc and custom reports are easily set up and run from the Web-based report utility, drawing from massive amounts of information in the encrypted log files.”
PowerBroker protects the root account from internal exploitation by rogue employees or hackers that have breached the network. By granularly delegating what tasks can be performed as the root password and by whom, PowerBroker helps prevent the alteration or deletion of critical system files, unauthorized access of confidential data and the deletion of logged events and audit trails. Totally non-intrusive, the program reduces the risk of accidental damage, theft of digital assets, or malicious activities without altering or disrupting the operating system—a practice that can violate software and systems warranties.
“By assigning root-level privileges based upon role, the actual root password is never revealed. Policies can also be assigned based upon user authentication through centralized repositories such as LDAP and SSO systems. The new access control lists allow those unfamiliar with programming or shell scripts to write policies that control privileges through global categories such as user, system, command, time of day and day of week,” writes Miller. “We were impressed by the control that can be assigned to users based on role and circumstance. For example, we elevated privileges of users so they could access a particular system, such as a Web server, as root, while denying similar root privileges to a mail server. Security features include blocking predefined keystrokes, automatic termination of idle root sessions, and checksum comparisons to identify potential malicious code.”
The new entitlement reporting functionality included in PowerBroker 5.0 lists the commands that systems administrators and other users are authorized to execute, including any constraints applied to their access privileges. This demonstrates to auditors the enforcement of segregation of duties and that steps are being taken to create a secure access control infrastructure. Other new features in PowerBroker 5.0 include comprehensive access control lists, centralized log pooling and packaged installation bundles to facilitate the rapid, efficient deployment of PowerBroker across large heterogeneous environments.
“Because many organizations continue to run mission-critical programs on Linux and UNIX systems, the ability for IT administrators to assign root-level privileges based on role is critical,” said Robert H. Farber, chief operating officer at Symark Software. “This Information Security review affirms what Symark’s customers already know—Symark PowerBroker is the industry’s leading solution for securing administrator passwords, combating insider threats and hackers while allowing organizations to comply with regulations such as PCI DSS, SOX and HIPAA.”
About Symark
Founded in 1985, Symark is the leading
provider of information security
solutions for managing privileged
account access within heterogeneous
UNIX, Linux and Windows environments.
Symark PowerBroker® enables granular
delegation of administrative privileges
while restricting root account access.
Symark PowerPassword®, User Management
Edition provides user account management
along with login and password security
policies. Symark PowerKeeper® provides
storage and secure access of administrative
passwords for multiple servers,
applications and network devices.
All three products offer central
administration and detailed audit
logs to help comply with regulatory
mandates. Symark offers extensive
expertise in enterprise computing
security, and its products are backed
by unmatched technical support.
For more information, visit www.symark.com.
About Information Security
Information
Security is the enterprise security
and risk managers’ leading source
of critical, objective information
on strategic and practical security
issues. Information Security’s team
of veteran security journalists
and experts break down the security
problems challenging enterprises
and provide practical resolutions.
Its in-depth, comprehensive reports
and analyses provide security managers--department
managers to CXOs -- with the tools,
knowledge and information they need
to make informed decisions about
how to safeguard their enterprises,
comply with regulations and standards,
and reduce risk. The publication’s
analysis of technology and products
provide a guide for budgeting and
purchasing decisions and trends
reports, case studies and industry-leading
exposes offers security managers
insight into how their peers are
addressing and solving key security
issues. Information Security is
an indispensable guide for any security
manager and executive charged with
protecting information assets and
reducing risk.
###
NOTE TO EDITORS: If you would like additional information on Symark and its products, please view the Symark web site at www.symark.com.
Symark, the Symark logo, PowerPassword, PowerBroker, and PowerKeeper are trademarks or registered trademarks, in the United States and certain other countries, of Symark Software. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.
###
TechTarget and the TechTarget logo are registered trademarks of TechTarget, Inc. All other trademarks are the property of their respective owners.
