There was a time when software could focus on delivering the business solution it was designed to provide. But with the ever-escalating threats of hacking and data breaches, from both external and internal sources, far more attention needs to be placed on security, along with audit trails and event logs that can be used to perform forensic investigations. IBM Domino servers, although a robust and secure platform, lack the depth of logging necessary to deal with today’s challenges. While Domino Server does an excellent job providing a collaboration and email platform, it can be prone to some significant security gaps, due in part to the lack of logging.
BCC’s DominoProtect can assist by providing a cohesive solution to lock down some of the most common, and most egregious, gaps, and by strengthening the logging to the point where it can even be used to roll back changes. This article looks specifically at how DominoProtect can address some of the most common security gaps.
Start with enhanced logging. With DominoProtect implemented, configuration and security changes are driven through its workflow process. This means you now have robust event and audit logging in place that can be used for forensic investigations, since all changes are logged. Additionally, there is a one-click rollback feature where one or many changes can be rolled back with a single click. This is especially helpful when someone with sufficient security rights but not enough know-how, or perhaps with malicious intent, has made changes that could be detrimental to the functioning of the system. The workflow process is configured to enforce a secondary approval for changes before they are executed, thus establishing a two-man rule security model. Together, these prevent unauthorized changes, enforce Change Control rules, and provide a trail of changes for audit and forensic investigations.
Follow with protection against misuse of Full Access Administration (FAA) by disabling it. FAA can be used to bypass many of Domino’s security controls, and it is often left open and unprotected because it is simply easier that way. Organizations without a robust security configuration can be open to serious threats of data loss if FAA is enabled and generally open.
Wrap up by protecting the Server ID. A common practice is to have no password on the Server ID because most administrators find it too cumbersome to provide a password when the server needs to be started up, let's say, in the middle of the night. This situation gets even more complicated in highly secure environments where more than one person needs to provide a password for the Server ID, each completing part of the puzzle, before the Domino server comes up. DominoProtect can manage this with ease. It can even generate a random, machine-generated password so your admins do not even need to know it. The password is then provided in a fully automated, unattended restart, with no need for an admin to enter it.
DominoProtect gives you the tools to lock down common security gaps in Domino Server, and gives your organization greater assurance against security breaches, more control and even automation over operations, and increased confidence during audits.
See a live demo of these features in a recorded webinar at https://www.youtube.com/watch?v=VzuoSRrXnpA&feature=youtu.be