When it comes to barriers to innovation in federal IT or even in the enterprise, individual ego and personal empires built on unnecessary network privileges can be a significant problem. The good news is functionality like the granular authorization capabilities of the Uplogix out-of-band platform make it easier to rein in so called “privilege hogs.”
Federal agency CIOs from the Defense Intelligence Agency, the US Army, and the Department of Homeland Security participated in a panel discussion at the Public Sector Innovation Summit this week, sharing with the audience that one of the biggest priorities for their organizations is to reduce the number of privileged users. Speaking about both the infrastructure side of the equation as well as data, Janice Glover-Jones, CIO of the DIA said, “Just because you have access to the network, doesn’t mean you should have access to all the data that resides on the network.”
Concepts like “just enough privilege” and “just in time privileges” can be applied to network infrastructure management with the secure granular authorization features of Uplogix. Highly configurable and granular role-based administrative access to managed gear with role-based access controls and complete activity logging (including system prompts and responses) is maintained even when the network is down. User access groups can be created in just about any way you can come up with – by geography, device type … all the way down to what specific commands a user can run on a device.
How granular authorization works in Uplogix
Uplogix can improve overall security by restricting access to specific IP addresses and encrypting passwords stored in the database, and by automating management functions related to security enforcement, like updating the access passwords on hundreds of managed devices at once. Unauthorized user access is also prevented by automatically closing idle sessions, eliminating a potential security gap.
Controls and granular authorization is important, but you also have to be able to prove it is effective. Uplogix enable audit and compliance reporting by constantly logging all changes made to managed devices and the results of these changes. You’ll know who has access to what, and when they use it, allowing you to pen in those privilege hogs on your network.
For more information, visit uplogix.com/network-security.