SUBSCRIBE TO TMCnet
TMCnet - World's Largest Communications and Technology Community

CHANNEL BY TOPICS


QUICK LINKS




An Innovative Approach to Control Session Access

TMCnews


TMCnews Featured Article


September 21, 2010

An Innovative Approach to Control Session Access

By Rajani Baburajan, TMCnet Contributor


e-DMZ Security, a provider of total privilege access management solutions (TPAM), announced it will explain an innovative approach to control developer access to production.

e-DMZ Security’s TPAM suite is a modular, cost-effective solution for privileged user, privileged identity and privileged access control. TPAM delivers security and compliance across all market verticals.

Earlier in Aug.,  e-DMZ Security announced the release of the enhanced TPAM suite, enabling the delivery of delivering secure, scalable and cost effective remote system administrator database account management, according to TMCnet report.


According to e-DMZ Security, there are a number of points raised in granting developer access to production, as given below:

Is the individual authorized to access the production system?

Is the individual authorized to make changes to the production system?

Did the individual make only the changes authorized and were the changes made correctly?

The network security company says access control mechanisms protected by session border controllers are important to managing the first two points. The third point, though very serious, is difficult to manage and detect. This happens because despite correct authorization, there is no visibility of the changes made.

“Our TPAM suite provides a unified solution that is able to address all three issues associated with developer access to production,” Martin Ryan, vice president Sales at e-DMZ Security, said.

Because TPAM is easily integrated within their existing IT infrastructure, users from IT Managers to CIO’s are able to better address the challenge of developer access control and ensure compliance without disrupting existing business practices, Ryan said.

e-DMZ Security’s  approach to this is to implement a production and non-production (QA/Test) environment within network infrastructures. This approach is found to be helpful as it is highly sensitive to resource/application problems and/or outages which can impact revenue; invoke regulatory fines as well as create untold impact on corporate image if an issue arises.

As a result, enterprises typically create a distinction between their production network, infrastructure and developmental modes, the company said.

Availability, rather than Audit, is often the primary concern of the developer in accessing a production system that has a failed application, according to officials at e-DMZ Security. They say developers are hard pressed to explain exactly what they did to resolve the issue.

The TPAM suite includes TPAM privileged password management (PPM (News - Alert)) and privileged session management (PSM) to enterprises.

TPAM PPM provides a definition of the users requiring access to production. On request submission, dual-control request approval by another user can also perform real-time validation against a ticketing system.

The solution can be configured to manage the credential of the account so that the user cannot bypass TPAM to access the production system directly and the credential is never exposed, company officials added.

TPAM PSM provides session monitoring and recording and is able to answer the issues whether the individual makes only authorized changes and whether they are made correctly. With this, every keystroke, mouse movement and application access can be monitored, recorded and archived for future audit/forensic requirements – without the need for host based agent software, company officials stated.

The TPAM solution has activity driven, compressed and encrypted session recordings, assuring both security and disk/storage efficiency. TPAM also supports privileged command management (PCM), where individual users granted access to a production system can have limitations on command/environment they are able to execute.

Overall, TPAM enables ‘on demand’ access for developers to production systems with full individual accountability, audit and control.

It provides organizations with the visibility into who is accessing their production environment, whom is authorizing the access and what the individual did with that access.


Rajani Baburajan is a contributing editor for TMCnet. To read more of Rajani's articles, please visit her columnist page.

Edited by Erin Monda







Technology Marketing Corporation

2 Trap Falls Road Suite 106, Shelton, CT 06484 USA
Ph: +1-203-852-6800, 800-243-6002

General comments: [email protected].
Comments about this site: [email protected].

STAY CURRENT YOUR WAY

© 2024 Technology Marketing Corporation. All rights reserved | Privacy Policy