ranjb (Participant), May 17, 2013 at 5:05 am, #161540
I have just come out of a meeting where it was discussed that our security needs to be greatly improved as well as procedures and management of our Production environments.
Being a multinational company, we have numerous 3rd parties who access our system. Currently we use PPTP connectivity via a Linux server to provide them access, and this is how we provide access to our 3rd parties as well as internal employees. I am putting a plan together to move away from this as this is a BIG security issue: it's not controlled, and if a 3rd party understood our systems better they would be able to access any point of the network.
Our developers and solution architects also have access to our production systems, and we have recently learnt that some changes are not going from a dev to production environment in a controlled manner; in some cases changes are being made directly to production systems without any proper testing.
Currently the internal developers will have local admin access to a Windows server. Historically, if a user wanted access they just needed to put a request in and they would have access.
I am just trying to get some advice on how we can better manage this. What do other companies do in our situation? I doubt we are unique with these problems. I think moving forward a VPN gateway which authenticates with AD, where we can control which servers/RDP sessions a particular user/group can have access to (similar to a remote apps/Citrix web session), and also getting away from multiple users having local admin access to servers. A suggestion was to use one ‘developer’ account and use group policy to create this local account on all PROD/DEV servers in the enterprise, but the problem I see with this is we cannot audit who is making the changes if there are multiple devs using 1 account.
Moving on to auditing, any suggestions on how we can better audit our environment? Can this be done straight out of the box on Windows servers or do we need a 3rd party tool?