BeyondTrust White Paper Sample

PowerBroker is an application that provides important functionality not otherwise available on UNIX/Linux systems. The application has two major areas of functionality. First, it allows the full administrative powers of the root and other administrative accounts to be shared selectively among many users without having to share the root password. Secondly, it provides a full and indelible audit trail of all actions occurring in important accounts such as root.

An indelible audit trail is one so structured that it cannot be modified subsequent to being created and thus does not permit anyone to conceal or obfuscate what has happened. Until PowerBroker, no tools existed to provide this functionality in UNIX/Linux networks. As a result, companies running UNIX have been limited in their ability to share administrative power and have been open to risk from the essentially un-auditable actions of system administrators.

Having the ability to share access to the root account selectively without sharing the root password allows system administration to be safely delegated among many users. Each user can be given the power to perform only those administrative actions that fall under that user’s responsibility. Without a solution such as PowerBroker, any user requiring even the slightest amount of administrative power must be given the root password, which gives them access to the full power of root.