- Nokia's new N97 vs. the iPhone
- Talk-powered cell phones?
- FBI: Copper thieves jeopardize U.S. infrastructure
- 10 Microsoft research projects
- Smartphone smackdown: Storm vs. iPhone
Dave Kearns provides the information you need to evaluate, install and maintain your corporate identity management system.
In the 20-plus years I've spent consulting, hand-holding, troubleshooting and securing networks one of the most frequently asked questions I hear from business leaders is "How do I keep sensitive data from the prying eyes of the network administrators?" The answer has always been "trust." It was that way because we really had no way to remove administrative privileges from the administrators. But a new e-book by IT consultant Greg Shields promises to help. In fact, it's titled "Eliminating Administrator Rights" and is a part of Realtime Publishers' Essentials series. If you have a Windows network, this is essential for you.
It’s a small book as are all the entries in the Essentials series but packs a wallop. The three chapters (with a synopsis) are:
1. Understanding Least Privilege: Any discussion on the right-sizing of administrative privileges starts with a solid understanding of how Least Privilege works. This article will define Least Privilege and discuss why simply handing out Administrator privileges doesn’t provide the necessary levels of granular control.
2. The Business Benefits of Eliminating Administrator Rights: Once you understand the right ways in which rights should be assigned as learned in Article 1, your next job is in recognizing how their correct assignment benefits the business. In Article 2, you’ll learn how the business benefits along the lines of operational, security, and compliance when admin rights are eliminated in favor of granular privilege assignment.
3. Limitations in Native Solutions for Privilege Management: Tools are natively available today in the Windows OS that go only part of the way in achieving the goals of Least Privilege. But each of those tools remains too coarse in rights assignment. In Article 3, you’ll learn about those native tools and read about the critical omissions in how they assign privileges to users and applications.
Now obviously Article 3 is where you’ll hear the sponsor’s message (it’s sponsored by BeyondTrust, which markets privilege management products) but it’s still useful information. There are a number of organizations in the privilege management field; even Internet2 the higher education consortium, offers the open-source Signet package for privilege administration.
Download and read the book, then start thinking about your own (and your staff’s) privileges and how your organization can be protected.
Dave Kearns is a consultant and editor of IdM, the Journal of Identity Management.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comments (3)
Even though this sounds goodBy GS on October 11, 2008, 4:43 pmEven though this sounds good in theory, in the real world this is not usually desirable. In a large enterprise, there are a lot of administrators and lot of different...
Reply | Read entire comment
not total eliminationBy David Kearns on October 10, 2008, 2:42 pmNo one suggested eliminating all admin privileges, rather the suggestion is to move to fine-grained control of those rights and privileges, assigning them on a strictly...
Reply | Read entire comment
While I certainly agree that 'trust' isn't a word that should be even whispered ...By NorahGoldman on October 10, 2008, 10:26 amWhile I certainly agree that "trust" isn't a word that should be even whispered next to the idea of security, the suggestion of removing administrative privileges...
Reply | Read entire comment
View all comments