Regulatory Compliance
Heterogeneous environments that combine Linux, Mac OS X, UNIX, and Windows servers and desktops are complex. As a result, identity and access management is handled independently through LDAP domains, NIS, and local files, which leads to the following problems:
- IT staff have many accounts
- Access is managed on a machine-by-machine basis
- Password policies are typically not enforced
- Removing system access is often neglected
- Privileged accounts are shared by all IT Admins
PCI-DSS, Sarbanes-Oxley, FISMA and other regulations can be broken down into their essential elements and each one tackled with commonsense principles.
Implementing role-based access to business-critical systems alone is not sufficient without privilege management and auditing.

