IT-Analysis.com
IT-Analysis.com Logo
Business Issues Channels Enterprise Services SME Technology
Module Header
Louella FernandesLouella Fernandes
Louella Fernandes
11th April - Managed Print Services: Are SMBs Ready?
Louella FernandesLouella Fernandes
Louella Fernandes
11th April - The Managed Print Services (MPS) Opportunity for SMBs
Simon HollowayThe Holloway Angle
Simon Holloway
11th April - Intellinote - capture anything!
David NorfolkThe Norfolk Punt
David Norfolk
11th April - On the road to Morocco
Philip HowardBloor IM Blog
Philip Howard
10th April - Attunity Gold Client

Blogs > Quocirca

Safe authentication for remote sys-admin tasks
Bob Tarzey By: Bob Tarzey, Service Director, Quocirca
Published: 24th February 2012
Copyright Quocirca © 2012
Logo for Quocirca

Not all systems administration (sys-admin) is done by people. Some applications need administrator access to communicate and make changes.

Furthermore, remote management tasks are often carried out using pre-set procedures in sys-admin tools, for example the backup of branch office devices.

For this to work, privileged login details are often embedded in the applications or tools that require them. Should the wrong individual get access to these credentials, they may be able use them for malicious purposes.

To make things worse, when such details are embedded they rarely get changed because it burdensome to do so and consequently the credentials may remain valid for long after they have been compromised.

This risk is exacerbated by the fact that such privileged login details are often not just stored but also often transmitted as the clear text. 

In recent Quocirca research around 50 per cent of organisations admitted that sys-admin login details we regularly transmitted in clear text, although it varied widely by industry.

This need not be the case.

First, applications and tools needing privileged access right should be administered and monitored in the same way as "human" privileged users (for example, they should not use group access privileges).

Furthermore, the assigned login details need not be transmitted in clear text. Passwords can easily be masked, or better still the whole transmission required to carry out a remote admin task can be encrypted.

To see the full research behind this and get a free copy of Quocirca's report go to http://www.osirium.com/alpha-files/wp

Advertisement



Published by: IT Analysis Communications Ltd.
T: +44 (0)190 888 0760 | F: +44 (0)190 888 0761
Email: