Tech Talk 3 by John Sherman
Keeping Your Confidential Data Secure and Inside Your Company
- Proof Point O’Reilly Automotive implemented SUSE Linux Enterprise Server in its data center and across more than 1,800 stores. A flexible Linux platform helps the company be more competitive and keep pace with double-digit annual growth.
- Trend Talk Computing in the Cloud is Taking its Rightful Place with Online Hosted Backup and Recovery Services
SSixty-one people were caught snooping at UCLA Medical Center recently. Apparently none of them had any business examining the electronic medical records of Britney Spears, Farah Fawcett and Maria Shriver, the governor’s wife. One person was indicted for selling details to the tabloids, several people lost their jobs, and the “Governator” was not amused. But that’s just the beginning. Aside from the humiliation of being flogged in the media, UCLA Medical Center is likely to face other problems. Sanctions. Fines. Litigation. Damage to the institution’s good name. The fun has just begun.
Data leaks are rarely this serious—or public. But nearly all come with consequences: revenues lost, reputations destroyed, regulations violated. Data leakage takes place for a lot of reasons. Poor access control, lax security policies and enforcement, and the inherent vulnerability of data communications top the list.
So, what can be done? Purchasing point solutions that don’t work work well together is an exercise in futility.
Organizations at risk—and trust me, everybody is at risk—need an integrated identity, access management and security solution that tracks the who, what, where, when, why and how of the IT infrastructure.
Novell now provides a complete, integrated identity management and data security platform—unique in the industry—that ensures compliance while protecting confidential data on everything from databases down to thumb drives, and everywhere from the CEO’s desktop to a sales rep’s laptop in a hotel room half way around the globe.
The Puzzle Comes Together
The Novell platform is a collection of identity, security and resource management products that are best-of-breed as standalone products. But they provide substantial incremental benefits when used in combination. What’s more, they’re flexible by design. They work well together and interact with competitive products.
Putting the Iron Grip on Data Access Control
Data must be guarded throughout its entire lifecycle. That requires an iron grip—absolute total control of access. You need to know who everyone is and what their business is at all times. And that not only requires establishing identities, but specific roles as well.
Roles can be used to provision, monitor and record user access to protected information and resources. Roles can also easily provide documented evidence to meet strict regulatory requirements. So when someone in the mailroom tries to tap into Payroll files, for example, access is immediately denied, the event is monitored and reported, and the mail clerk is sent packing.
But security based on roles is only as strong as the enterprise-security policies and access controls that are established by IT. Far too often people are granted more access to more resources than they need to do their jobs. That’s because creating and implementing highly restrictive access parameters can be difficult and time-consuming. As a result, despite the fact that a significant percentage of any user population can be “ethically challenged,” IT administrators tend to give users the benefit of the doubt and provide privileges that aren’t nearly limiting enough.
The Novell integrated platform includes Novell Identity Manager, which goes a long way toward solving this problem simply by making it easy to give each person the exact role-based permissions they need. With Identity Manager, permissions are managed according to departments, jobs or the specific tasks assigned to a person. This makes new employee provisioning easy—enabling establishment of permissions to resources within moments of the time a new employee is hired.
What’s more, those permissions can be updated and maintained automatically until that employee’s last day on the job, after which access can be revoked with a few keystrokes. (See Figure 1.)
Novell Identity Manager grants or denies access to computer applications, telephone systems, building security systems and other key infrastructure components. But for secure authentication and access to portals, Web-based content, and enterprise applications, Novell Access Manager is essential. In conjunction with Novell eDirectory, it provides IT administrators with the centralized policy-based tools they need to easily establish secure, hassle-free access to Web-based and corporate server-based applications. It enables single sign-on so employees and partners only have to remember one login for authorized access to all corporate Web-based applications. Administration is easy. And access is granted based on the user's role within a company or his/her association with it.
For enterprise-wide single sign-on to thousands of applications, such as those for Web pages, Windows applications, Java applications and terminal emulators, the Novell integrated solution features Novell SecureLogin. It reduces the number of help desk calls related to password resets and lowers the risk of data breaches by helping companies enforce consistent password policies. In addition, SecureLogin combines physical and logical security by enabling integration with smart cards, biometrics, and proximity cards in conjunction with usernames and passwords.