e-DMZ Security Reveals Innovative Approach To Control Developer Access to Production at 360°IT
Combination of Total Privilege Access Management Modules Facilitate Solution
Wilmington, DE — September 21, 2010 — e-DMZ Security, the market leader in privileged user and privileged access management, today announced it will reveal an innovative approach to control developer access to production along with exhibit partner UK reseller Preventia, during 360°IT — The IT Infrastructure Event, being held in London, UK September 22-23, 2010. Additional information on this new approach can be downloaded at: www.edmz.com/dap-whitepaper.html.
A typical approach within network infrastructures is to implement a production and non-production (QA/Test) environment. Motivation for this approach is the sensitivity to resource/application problems and/or outages which can impact revenue; invoke regulatory fines as well as create untold impact on corporate image if an issue arises. As a result, enterprises typically create a distinction between their production network/infrastructure and development/QA/test.
- There are a number of points raised in granting developer access to production:
- Is the individual authorized to access the production system?
- Is the individual authorized to make changes to the production system?
- Did the individual make only the changes authorized and were the changes made correctly?
Access Control mechanisms are fundamental to managing the first two points while the third point is the one that has the potential to generate headlines but is the most difficult to manage and detect, since despite correct authorization, there is no visibility of the changes made.
Availability, rather than Audit, is often the primary concern of the developer in accessing a production system that has a failed application; and when asked developers are hard pressed to explain exactly what they did to resolve the issue.
“Our TPAM suite provides a unified solution that is able to address all three issues associated with developer access to production,” said Martin Ryan, Vice President Sales at e-DMZ Security. “And because TPAM is easily integrated within their existing IT infrastructure, users from IT Managers to CIO’s are able to better address the challenge of developer access control and ensure compliance without disrupting existing business practices.”
TPAM Privileged Password Management (PPM) provides a definition of the users requiring access to production. On request submission, dual-control request approval by another user can also perform real-time validation against a ticketing system. TPAM can be configured to manage the credential of the account including auto-login on the production system, so that the user cannot bypass TPAM to access the production system directly and the credential is never exposed.
TPAM Privileged Session Management (PSM) provides session monitoring and recording and is able to answer the issue of did the individual make only authorized changes and were they made correctly. Every keystroke, mouse movement and application access can be monitored, recorded and archived for future audit/forensic requirements — without the need for host based agent software. Session recordings are activity driven, compressed and encrypted — assuring both security and disk/storage efficiency. TPAM also supports Privileged Command Management (PCM), where individual users granted access to a production system can have limitations on command/environment they are able to execute.
Overall, TPAM enables ’on demand’ access for developers to production systems with full individual accountability, audit and control. Organizations gain visibility into who is accessing their production environment; who authorized the access, and what the individual did with that access. Functions to control what the individual can do with access further extends the value that TPAM provides in addressing security and compliance issues.
For more information on the TPAM Suite please go to: http://www.edmz.com/tpam.html or email noSpam(28); sales@eDMZ.com or call (866) 203-9823.
About e-DMZ Security
e-DMZ Security is an award-winning provider of privileged access control solutions for today’s enterprises looking to control, audit and record privilege sessions such as remote administrators, vendors or privileged internal access. Its Total Privileged Access Management (TPAM) suite is a modular, cost-effective solution for privileged user, privileged identity and privileged access control. Built on the award winning Password Auto Repository™ (PAR) and eGuardPost™ appliances, TPAM delivers security and compliance across all market verticals with over 450 installs in over 17 countries world-wide. Customers include many of the world’s largest enterprises in banking, insurance, pharmaceutical, manufacturing and more. Headquartered in Wilmington, Delaware, e-DMZ Security has offices and/or authorized partners in North America, South America, Europe, Middle East and Asia.
Follow e-DMZ Security on twitter: http://twitter.com/eDMZ_Security
More information on our company and products can be found at www.edmz.com. e-DMZ Security,™ Password Auto Repository™ and eGuardPost™ are trademarks of e-DMZ Security, LLC.
|
