The Alpha-Files is a high quality, integrated marketing campaign by Osirium.
Through independent research 10 critical IT issues have been identified that many organisations have opted to tolerate rather than resolve.
This is because it's just too painful to resolve or they believe there isn't technology available.
These issues are collated in the Alpha-Files and each month a new, solved case file is released.
Quocirca Report: Conquering the SysAdmin challenge
This Quocirca research report presents new data on how well organisations are able to automate their SysAdmin procedures, manage the use of privilege and satisfy the requirements of auditors. This should be of interest to those charged with the reliable delivery of IT, and also business managers who understand the importance of IT to their organisations.
To learn how Osirium can solve the SysAdmin challenges in the report visit www.osirium.com/alpha-files.
You'll also discover Quocirca discussing each challenge in more detail.
Issue:
IT departments are having to make uncontrolled changes prior to IT audits, in order to pass the upcoming audit.
Evidence:
A recent survey carried out by UK analyst firm, Quocirca, found that over 70% of System Administrators make informal and uncontrolled changes to IT infrastructures immediately prior to audits in order to meet compliance requirements.
Behavioural Drivers:
The cost of repeating failed IT audits, its impact on resources, as well as performance-assessments by senior management, means that IT teams are opting to circumvent best practices to ensure they pass audits.
Underlining Issue:
Meeting and maintaining compliance across the entire infrastructure is a highly manual and labour-intensive endeavour. Most organisations just don't have the resources to support the requirements of these initiatives after prioritising their projects and activities.
Bob Tarzey, Analyst at Quocirca talks about the issue.
Audit Failures:
If auditors discover uncontrolled changes are made prior to audits then organisations should fail the audit.
Security Gaps:
In the haste to meet compliance, the impact of actions not fully thought through or tested could result in security gaps that can be exploited.
Short Cuts & Errors:
The urgency to make quick changes in order to get on with normal business means that short-cuts are taken and error-rates increase.
Compliance Erosion:
Changes that are not passed through existing processes are not recognised as an inherent part of the standard change controls. As a result, these particular changes no longer belong to the in-built compliance process so the changes erode over time until the next audit.
Resource Burden:
Some changes are temporarily invoked and then reverted to their pre-audit status, while other changes are left to erode over time. Both instances require IT resources to make the changes and then repeat the whole process again at the next audit. With some IT security staff spending up to 30% of their time preparing for audits, according to Quocirca, this places a significant burden on available resources and on the business.
Solution:
Osirium stops organisations from having to make ad-hoc, uncontrolled changes before an IT audit. It reduces the compliance workload on multi-vendor infrastructure IT teams by Automating & Delegating tasks as well as Remediating gaps.
Issue:
IT departments use Group Admin accounts to access devices.
Evidence:
A recent survey carried out by UK analyst firm Quocirca found that over 50% of organisations are unable to stop the use of Group Admin accounts.
Behavioural Drivers:
IT departments just don't have the resources to create, manage and revoke personalised privileged accounts across all infrastructure devices.
Underlining Issue:
There isn't a cost effective technical solution that can create and manage personalised privileged accounts across all multi-vendor infrastructure devices.
Failed IT Audits:
Group Admin accounts do not meet compliance and best practice requirements, which require organisations to RESTRICT and CONTROL the use of privileges and be able to audit ALL privileged user activities.
Privileged Account Abuse:
Group Admin accounts cannot provide individual traceability, which means privileged activities cannot be traced back to individual users. This leaves the IT infrastructure vulnerable to malicious abuse by anonymous privileged actions, an example of which is the insider attack on Société Générale which cost €4.9bn.
Network Attacks:
Hackers target Group Admin accounts because they're often easy to find out or "crack", and allow access to a wide range of devices.
Solution:
Osirium is a Privileged User and Infrastructure Management solution which enables organisations to easily eliminate the use of Group Admin accounts.
It does this by automating the creation of personalised privileged accounts to provide "end-to-end" accountability of all privileged user activities.
Issue:
End-of-life Infrastructure devices that have not been properly de-commissioned can still retain data that pose a serious risk.
Evidence:
UK analyst firm Quocirca found that over 40% of organisations were not confident that all data was deleted from end of life infrastructure devices prior to disposal and, shockingly, in the Finance and Retail sectors where data protection should be at the forefront of considerations, 7% of organisations didn't bother deleting device data at all.
Behavioural Drivers:
Overburdened IT departments don't allocate the appropriate resources who can reliably remove the critical credential and configuration data that still resides on "end-of-life" infrastructure devices.
Underlining Issue:
There hasn't been a reliable, cost-effective technical solution that automatically decommissions all the critical device data.
Use of Third Parties:
Organisations will often contract IT Asset Disposal (ITAD) companies to decommission devices. This can be costly and unreliable, since their skill-set tends to focus on removing data from generic laptops, servers or storage devices rather than bespoke network infrastructure and security solutions, and they therefore lack the appropriate experience to ensure risk-free de-commissioning.
Network Attacks:
Hackers favour the acquisition of specific types of infrastructure devices from disposal companies or online auction sites. They know that there's the possibility of recovering critical credentials (like group admin accounts), configuration settings or even data on specific devices that might provide the ideal opportunity to mount an attack on the organisation's network.
Solution:
Osirium is a Privileged User & Infrastructure Management device which can automatically de-provision 'end of life' IT infrastructure devices singly or en masse. The solution deletes all privileged credential information that resides in an infrastructure device, as even secure credentials can be recoverable, and if Group Admin credentials reside on the device this can cause major issues. In addition, Osirium can delete all configuration data, including policy settings, from the device.
Issue:
Privileged User details are being transmitted in clear text.
Evidence:
Privileged User details are being transmitted in clear text.
- 75% of organisations admit privileged user credentials are at times sent in clear text.
- 62% of organisations are unable to prevent embedded privileged credentials being transmitted in clear text.
Behavioural Drivers:
Privileged Users prefer to connect to infrastructure devices through tools that they are familiar with, even if data is transmitted in clear text.
Underlining Issue:
- There is currently no cost-effective or user-acceptable technical solution that forces privileged users to use secure communication protocols in multi-vendor infrastructures.
- Some devices still only support Telnet connectivity.
Insider Threats:
Malicious insiders sniff network traffic to identify privileged accounts. They can use the information to attack the network or snoop further still, even trading these privileged credentials to 3rd parties. Ultimately, any party could use the credentials to disrupt business operations safe in the knowledge that the credentials couldn't be linked back to them.
Network Attacks:
Hackers can intercept privileged user details being transmitted in the clear, and they can also use this information to snoop or disrupt business operations.
Solution:
Osirium is a Privileged User & Infrastructure Management device which ensures privileged user communications to infrastructure devices always use secure channels, stopping the transmission of credential information in clear text.
In the case of Telnet communications, Osirium ensures that communication is securely tunnelled from the client to Osirium and provides a number of methods to secure communications to the device's location.
Issue:
Organisations are failing to close-off the risks of Legacy Privileged Accounts.
Evidence:
UK analyst firm Quocirca found:
- 54% of organisations struggle to remove individual privileged accounts when a user leaves.
- Only 42% of organisations always remove default software or hardware accounts.
Behavioural Drivers:
- Time and resource pressures relegate the removal of unwanted privileged user accounts down the priority list, where they are ultimately forgotten.
- Over time, organisations become uncertain as to whether a privileged account is genuinely dormant or still in use; for example, a privileged credential might be used in a business-critical script that executes once a year.
Underlining Issue:
- There hasn't been a cost-effective technical solution that can accurately identify and remove legacy accounts.
Credential Leakage:
Not revoking credentials when a privileged user leaves immediately exposes the organisation to the risks of an outsider knowing the critical credentials, who could attack the network or even sell these security assets onto third parties.
Network Attacks:
Hackers look to exploit default device credentials that are always supplied with each device - they are easier to compromise and it's more difficult to identify the abuser.
Solution:
Osirium is a Privileged User and Infrastructure Management solution which:
- Identifies suspected legacy privileged user accounts.
- Correlates log file information to identify accounts which are genuinely dormant.
- Disables legacy accounts to determine if negative consequences are likely.
- Backs up the device configuration prior to account deletion, just in case a 'roll-back' is required in the event of unforeseen issues.
Issue:
Reducing the number of SysAdmin errors.
Evidence:
UK analyst firm Quocirca found:
- SysAdmins make errors about 6% of the time.
- SysAdmins could be making between 100 - 150 errors annually.
Behavioural Drivers:
- With increasing workloads and pressures to get tasks done more quickly, SysAdmins inevitably make mistakes in the rush to complete their tasks.
Underlining Issue:
- Budget and headcount restraints mean that IT departments perpetually struggle to meet all their obligations.
Downtime of services:
Errors made on live devices can seriously affect service levels, which quickly becomes a noticeable degradation or even loss of service.
Re-allocation of resources to correct the mistake:
Any errors arising will need to be corrected, which will require resources and other distractions, all of which will impact IT capability and budget.
Security gaps if the mistake goes undiscovered:
The longer the error remains undetected, the greater the risk of security gaps that attackers can target and exploit.
Solution:
Osirium is a Privileged Roles and Infrastructure Management solution which automates common SysAdmin tasks, significantly reducing the number of errors. This in turn dramatically reduces the impact and risk on the organisation.
SysAdmin tasks that benefit from Osirium automation include;
- Device configuration changes
- Correcting device faults with workarounds
- Privileged user provisioning / revocation
- Back-ups
Issue:
Organisations aren't performing device configuration back-ups with the diligence that they should.
Evidence:
UK analyst firm Quocirca found;
- 42% of organisations have 30 day gaps between backing-up security devices
- 18% of organisations have 30 day gaps between backing-up file servers
Behavioural Drivers:
- Organisations try to back up critical devices and servers at regular intervals but, under excessive workloads, end up only backing up the most critical servers, neglecting the less obvious, but just as important, devices until sometime later.
Underlining Issue:
- Back-ups can be complex, costly and time-consuming and organisations don't allocate the budget or resources to perform this adequately.
Recovery Time:
If a device fails, and there have been no recent back-ups of that device, the organisation will be exposed to the increased costs of recovering out-of-date backup files, along with the increased operational risks while the problem is resolved.
Solution:
Osirium is a Privileged User and Infrastructure Management solution that can schedule automated configuration back-ups across multi-vendor infrastructures.
Specifically, Osirium allows organisations to;
- Schedule and target individual device configuration back-ups, automatically scaling the task across multi-vendor infrastructures.
- Run back-ups before and after configuration changes.
Issue:
Organisations struggle to safely and securely delegate SysAdmin tasks.
Evidence:
UK analyst firm Quocirca found;
- 4% of organisations always look to, and delegate, SysAdmin tasks.
Behavioural Drivers:
The research identified some of the key reasons why organisations were hesitant to delegate;
- 34% of organisations can't restrict access to infrastructure
- 30% of organisations cannot automatically revoke access after delegation task has been completed.
- Can't trust delegated users - 26% of organisations believe that delegated users cannot wholly be trusted.
Underlining Issue:
- Organisations don't have sufficient trust in the controls, visibility and accountability of those to whom they delegate.
High Error Rates:
Organisations that occasionally or never delegate tasks see higher error rates.
Overburdened Staff:
Organisations that aren't able to delegate will see senior SysAdmins overburdened, fire-fighting issues rather than proactively undertaking projects to move the business along.
Solution:
Osirium is a Privileged User and Infrastructure Management solution that allows mundane SysAdmin tasks to be delegated in a controlled environment.
Osirium allows organisations to;
- Provide role-based privileged access for delegated users to devices.
- Pre-package tasks for safe delegation.
- Embed selection options into pre-packaged tasks.
- Control what selection options are available to delegated users.