What it does: Helps secure your Linux environment through root access protection, user management, and administrative account management.
Open Source Desktop: Xfces Advantages
Ten Leading Open Source Innovators
Open Source ERP: Fact and Fiction
Choosing Vendors: The Linux vs. Microsoft Red Herring|
How it will help you: One of the allures of Linux is that it is not nearly as riddled with security flaws as Windows. Many mistakenly believe, though, that Linux is trouble-free. Not so. In fact, in one area root access risks Vista is superior to Linux. While hackers will never target Linux as fervently as they do Microsoft products, this doesnt mean Linux users are free from risk.
In an enterprise setting, the biggest security risk comes from insiders. According to the most recent CSI/FBI survey, 52% of respondents said that they experienced security breaches. Of those experiencing a breach, a whopping 68% believed that the attacks came from within the organization. An IBM study found that 70% of businesses believe that insider attacks are more of a threat than those from traditional hackers.
Without controls in place, nearly anyone can gain root access to Linux accounts, which not only creates a serious security risk but also threatens your compliance with industry regulations. The most dangerous accounts are those given to your IT staff, giving them so-called super-user status meaning they can access just about any organizational information they want.
While IT needs to be able to access various user accounts in order to do their job, they still need to be controlled and audited. This is where tools like those from Symark Software come in.
Symarks PowerBroker gives system administrators an automated way to delegate administrative privileges and authorization without disclosing the root password and to grant selective access to UNIX and Linux-based corporate resources.
PowerPassword gives administrators a tool for securely deploying and managing user accounts, passwords, and login policies across heterogeneous UNIX/Linux environments, while keeping a centralized audit trail.
Finally, PowerKeeper automates the management of administrative account passwords. Administrator passwords are the most risk-oriented ones in any organization, yet they are often the ones subject to the least control. PowerKeeper provides a secure release mechanism for administrator passwords and automatically changes the password on the managed system based on parameters and policies set by the organization. PowerKeeper eliminates the problem of users who know passwords prior to being put under control.
Obstacles to Adoption: The most obvious obstacle to adoption is awareness. Too many people believe that you can get away with security on the cheap with Linux (or Mac for that matter) because most attacks focus on Microsoft products. While the risk related to outside threats is certainly less for Linux environments, its not zero, and risks from insiders are just as bad, if not worse, than with Windows systems.
Symark will need to work to raise awareness and overcome complacency. One force working in its favor is compliance. Many industry regulations mandate that controls be in place to protect sensitive information and that audit trails are kept.
Symark also faces competition from other security vendors, such as Fortefi and Centrify. If Linux ever does gain real market penetration on enterprise desktops, expect the incumbents to rush in here as well.
Developer: Symark Software, in Agoura Hills, CA.
Management Team: Bob Farber, COO, was formerly the manager of technical support operations for Candle Corporation. John Kendrick, CFO, was previously CFO of Broadcast Media Group. Anita Rose, SVP of sales, formerly held executive positions at Intersecting Concepts and Executive Software.
Dick DeVillers, VP of technology, spent over ten years in management positions at CA. Ellen Libenson, VP of product marketing, was previously VP of marketing at Thinque Systems.