White Papers
This white paper explores insider attacks
and insider risk, and shows how to control
them by controlling and monitoring access.
The paper describes the more common vulnerabilities
exploited by insider attacks and a method
for assessing insider risk.
This paper discusses best practices for
privileged password management (PPM), and
shows how Symark’s PowerKeeper PPM solution
can build a “defense in depth” for privileged
access across the IT portfolio.
This document shows how Symark PowerKeeper,
a secure, hardened appliance that automates
privileged password management, supports
PCI DSS compliance by securing and auditing
access to the privileged accounts, systems,
and network devices that comprise the cardholder
data environment.
This document explains how Symark PowerKeeper,
a hardened appliance that provides secure
storage and access for administrative passwords
and encryption keys and certificates, can
help organizations comply with the HIPAA
Final Security Rule.
This white paper shows how PowerKeeper's
security features support GLBA compliance
in today's climate of more stringent enforcement.
This white paper focuses on how Responsible Entities can use
Symark PowerKeeper to support compliance with NERC CIP.
This white paper examines how and why role-based access control evolved, then
explains how Symark PowerBroker can be used to implement privileged role-based
access control. The important advantages this approach provides are explained,
and scripts are included to show a sample implementation.
This white paper discusses how PowerBroker
supports PCI DSS compliance by creating
a secure access control infrastructure in
heterogeneous UNIX/Linux environments. PowerBroker
creates uniquely comprehensive logs and
audit trails, and has an Entitlement Report
that shows auditors that you have created
a baseline to assess accountability. Various
tables show how PowerBroker’s functionality
maps to the Payment Card Industry Data Security
Standard (PCI DSS).
This paper, written by SANS Organization
analysts, compares and contrasts the differences
in features and functionality between Symark
PowerBroker version 4.0 and the open source
access control product sudo.
Delegate ROOT and other third-party application administrative
privileges with detailed logs.
Secure incoming telnet and rlogin sessions
and all outgoing user-initiated Internet
activities.
This document addresses how an organization
can use Symark’s PowerBroker® and PowerPassword-UME®
identity and access management solutions
(IAM) for UNIX/Linux access security to
meet and demonstrate compliance with Sarbanes-Oxley
(SOX) Sec 404 requirements for effectiveness
of internal controls for financial reporting
requirements.
This guide offers tips on avoiding costly
password incidents and formulating new access
control policies. Data can be compromised
by trusted users who intentionally – or
accidentally – harm a system through sabotage
or theft of proprietary information. This
guide aims to assist System Administrators
and security managers in establishing controls
and policies that protect the enterprise
from these threats.
This white paper explains why the design of UNIX and Linux systems
prevents them from passing today's security and compliance audits,
and how Symark PowerBroker can bring these systems into compliance
with multiple mandates such as PCI DSS (the Payment Card Industry
Data Security Standard), the Sarbanes-Oxley Act (SOX), the Health
Insurance Portability and Accountability Act (HIPAA), and the
Gramm-Leach-Bliley Act (GLBA).
This paper explains how Symark PowerBroker
supports compliance with the Gramm-Leach-Bliley
Financial Services Modernization Act of
1999 (GLBA), protecting consumers' non-public
personal information (NPI) on UNIX and Linux
systems.
Bring your UNIX/Linux systems into compliance
with FDA Regulation 21 CFR Part II requirements.
This document addresses the use of Symark’s
PowerPassword, User Management Edition (UME)
and PowerBroker security software to meet
HIPAA requirements for stringent technical
security controls over patient data.
This document addresses the use of Symark
PowerPassword®, User Management Edition,
Symark PowerBroker®, and Symark PowerKeeper®
to meet the requirements of NIST Special
Publication 800-53 for UNIX and Linux systems.
This document lays out the requirements
of the new NERC CIP standards that have
the greatest impact on electric utilities,
and shows how Symark PowerPassword UME and
PowerBroker can be used to meet them and
to document compliance with them.
This white paper explains the specialized security
PowerBroker and PowerPassword provide for UNIX/Linux
systems, and includes calculators that compute payback,
ROI, and automation savings at different levels of
investment for each product.
Safely delegate administrative privileges
(including ROOT) and implement secure logins
and strong passwords.
Securing UNIX/Linux Networks for Data Privacy
Protection Act Compliance with Symark PowerPassword®
and Symark PowerBroker®
Symark solutions support FFIEC IS Control
requirements.
This white paper explains PowerBroker functionality by showing how the product
addresses the NISPOM security categories developed by the Defense Security
Service (DSS), which has industrial security oversight and assistance
responsibility for the more than 11,000 cleared facilities participating in the NISP.
This document describes how Symark PowerBroker®
and PowerPassword® support key requirements
specified in Army Regulation 25-2 for Information
Assurance (effective November 14, 2003).
This document describes Symark PowerPassword®
support for the BITS Master Security Checklist
(MSC).
This document describes Symark Software
Support for FIPS (Federal Information Processing
Standards).
Symark's internal assessment of Common Criteria
compliance.
Symark solutions provide strong access control
to address key requirements defined in the
Annex for Section 9 Technical and Organizational
Measures.
Strengthen internal controls and meet KonTraG
compliance.
This white paper addresses how IT organizations
at financial institutions can use Symark’s
identity and access management (IAM) solutions,
PowerBroker® and PowerPassword UME®,
to help bring their heterogeneous UNIX/Linux
environment into compliance with the
Basel II requirements.
Securing UNIX/Linux Networks for Data Privacy
Protection Act.
"Administrative passwords are the 'keys to the kingdom', but securely and efficiently managing them can be challenging."
"In my opinion, PowerBroker provides the highest degree of controlled and audited superuser access in the commercial marketplace today."
"PowerPassword plays to all of the strengths of using passwords for security by removing all of the weaknesses."
