To Sudo or Not to Sudo? That is the Question
June 23, 2015 | Security and Risk | John Worrall
It’s no secret that unsecured privileged accounts represent one of the largest security vulnerabilities today. In the hands of an external cyber attacker or malicious insider, privileged accounts allow attackers to take full control of an organization’s IT infrastructure, disable security controls, steal confidential information, commit fraud and disrupt operations.
One major challenge with managing privileged accounts is that while many IT professionals need privileged access to do their jobs, they don’t need access to the entire network (or to all commands or programs that could be executed). That’s where the principle of least privilege comes in, which dictates that people should only have access to the resources and information necessary for their job function.
One way to enforce this is the free, open source solution called sudo (superuser do). This allows Unix users to access and authenticate to a system with a personal account and escalate privileges to superuser or root to run privileged commands. Sudo can be configured to blacklist or whitelist specific commands for each user. It can also help beef up IT infrastructure security by limiting root access on Unix machines. Sounds great, right? Not so fast. As with everything in life, you get what you pay for.
Organizations looking to enforce least privilege policies often begin by asking “to sudo or not to sudo?” To help you make more informed decisions about whether sudo is the right answer to that question, we’ve published a new security brief outlining five things to consider, including:
- How secure is sudo? It may not be as secure as you think
- Need to achieve compliance? Three challenges you’ll likely run into
- Planning on organizational changes? Think ahead, because sudo won’t scale
- Can you trust sudo? Questionable reliability often leads to other issues that introduce risk
- Looking for an alternative to sudo? CyberArk offers a more secure, scalable and reliable alternative for organizations looking to enforce least privilege policies
You can download this free security brief here: https://www.cyberark.com/resource/to-sudo-or-not-to-sudo-that-is-the-question/.
While sudo can be an attractive solution with no acquisition cost, ultimately many organizations realize the hard way that “free” can actually end up costing them a great deal. So before you make the call, make sure you’ve weighed the pros and cons and explored other alternatives that can deliver a higher level of security, scalability and reliability.