<p>In the Windows world, we are used to being able to finely dice and slice admin authority to support least privilege within the IT department and reduce the number of people with all-powerful admin authority.</p> <div>But in the UNIX and Linux world there is only one account, root, that can perform administrative activities or elevated privileges. The root account can’t be delegated natively, so it is generally shared by a number of administrators, which results in inferior security and the inability to audit access. In addition, even the most common administrative tasks, for example, clearing a printer queue, need root access. This means that a highly paid IT administrator must perform traditional help desk tasks, creating inefficiencies, or help desk staff must be given far too many privileges, reducing security. With Unix and Linux servers hosting many mission-critical applications, as well as housing sensitive data, inferior security and auditing can quickly turn into identity and data theft and compliance failures.</div> <div> </div> <div>For this next real training (tm) webinar, I will have 2 UNIX/Linux security experts join me to discuss ways to protect root access and ensure accountability over users with access to root. Here are some of the talking points we’ll cover:</div> <ol> <li>What are the alternatives to <ul> <li>Give lots of people root so that help desk and low level folks can perform routine tasks – at the expense of security, or</li> <li>Tightly restrict root access and force higher paid and higher skilled admins to perform routine tasks – at the expense of efficiency and other projects requiring their skills.</li> </ul> </li> <li>Is the “all or nothing” nature of root access changing in newer versions of UNIX and Linux?</li> <li>How can “sudo” help?</li> <li>Can you at least audit what folks do while logged on as root?</li> <li>Other tips and best practices for dealing with root</li> </ol> <div>If you have anything to do with UNIX or Linux security you won’t want to miss this up-to-date and relevant training session. Please register now.</div>