Cyber-Ark unveils tool for managing Windows, Unix systems

Computerworld - Cyber-Ark Software Inc. this week released an enhanced version of its Privileged Identity Management Suite, with new features designed to give IT officials a single tool for managing privileged accounts across both Windows and Unix environments.

The upgraded product adds support for managing so-called Unix "superusers," who typically have a full range of rights and permissions to everything on a system.

Adam Bosnian, vice president of product, strategy and sales at Cyber-Ark, said the new offering can help large companies more easily manage multi-operating system environments that require separate tools for each OS.

There's a growing demand for tools that can manage, control and audit privileged accounts across the enterprise, said Mark Diodati, an analyst with the Burton Group in Midvale, Utah. He cited the growing need to meet state and federal compliance and governance requirements and growing concerns about the security risks posed by insiders with access to privileged accounts.

"One of the things that is driving demand is that auditors are getting smarter," Diodati said. "They have figured that this thing about privileged access management is crucial."

The demand for such tools has attracted the attention of a variety of vendors, including BeyondTrust, which last month unveiled what it termed the first first privileged account management product for heterogeneous IT environments, along with CA, Quest Software and Novell.

The security concerns follow a string of highly public incidents where users holding administrator accounts created IT havoc for a variety of reasons.

For example, in July a former computer support technician at Quantum Technology Partners (QTP) in Miami, was sentenced to a year in jail for illegally using his administrator account and password to shut down the company's servers from his home computer. Lesmany Nunez also changed the passwords of all the IT systems administrators at the company and deleted files that made data restoration from backup tapes more difficult for the company. His actions resulted in more than $30,000 in damages to QTP.

And in January, a Fannie Mae engineer was indicted for planting a logic bomb on the corporation's network that could have destroyed and altered all data on the company's servers.

Perhaps the most sensational example of abuse by a privileged user came when Terry Childs, a former systems administrator for the city of San Francisco, allegedly locked access to a crucial city network for days by changing key network passwords.

Read more about security in Computerworld's Security Knowledge Center.