BeyondTrust announced its PowerBroker privileged access management platform for Unix and Linux systems has received Common Criteria certification. Achievement of this certification helps to assure that government agencies and global enterprises can confidently procure and use PowerBroker for Unix & Linux to secure their environments against the threat of privileged account compromise without the added cost and complexity of additional product testing.
Common Criteria is the foundation for the widest-available mutual international recognition of secure IT products. Its goals include improving the availability of security-enhanced IT products, and supporting more efficient procurement of solutions.
The Leidos (formerly SAIC) Common Criteria Testing Laboratory conducted the testing of PowerBroker for Unix & Linux, and the National Information Assurance Partnership (NIAP), the United States approving authority, granted the Common Criteria certificate (# 10691) that became effective on August 30, 2016. PowerBroker for Unix and Linux achieved protection profile certification in Enterprise Security Management - Policy Management Version 2.1, and U.S. Government Approved Protection Profile - Protection Profile for Enterprise Security Management-Access Control Version 2.1.
A Better Alternative to Sudo
Organizations must secure the use of root account privileges for operational, security and compliance reasons. The common approach is to use Sudo – a free, unsupported utility that comes with all Unix and Linux hardware. While Federal agencies make selecting the most cost effective solutions a priority, there are significant risks involved in reliance on free, unsupported tools that cannot scale or provide secure automation for mission-critical systems.
PowerBroker for Unix & Linux enables system administrators to delegate Unix and Linux privileges and authorization without disclosing passwords for root or other accounts. The solution can also record all privileged sessions for audits, including keystroke information. This enables organizations to meet the privileged access control requirements of government and industry mandates including FISMA, SOX, HIPAA, PCI DSS, GLBA, PCI, and FDCC.
Government agencies and enterprises can rely on PowerBroker to achieve least privilege on Unix and Linux systems, which nearly every recent Federal Cybersecurity mandate stresses as being a critical step to securing information systems.