Privileged User Activity Auditing: The Missing Link for Enterprise Compliance and Security
Capturing the detailed actions of privileged users is even more critical in today's business environment that is driving cost efficiencies through IT outsourcing, off-shoring and supplementing IT staff with contractors. Security and compliance issues also exist with third-parties including Cloud Providers, Service Providers and ISVs. And every major compliance regulation requires organizations to document what users actually do with the privileges and rights granted to them and how their actions impact the IT environment. Traditional approaches, such as log files, cannot fully meet these requirements. Log files are well suited to aggregating and correlating events and management data for alerting and reporting purposes. But for a full accounting of what specific actions were taken on a specific system, at a specific time, by a specific user, there is no substitute for a high-fidelity recording of individual user sessions. By recording all privileged user activity (screen actions, events and metadata) a complete picture of intentions and impacts can be achieved. Organizations need to ensure that every privileged session can be audited across their extended enterprise creating a high level of visibility on UNIX, Linux and Windows systems whether in the data center or in cloud computing environments.