I communicate with organisations all over the world on a day-to-day basis. A lot of the companies I speak with have very large IBM Domino environments, especially government and financial institutions are dealing with the same issues.
They have very large legacy environments that run on closed networks, hundreds of IBM Domino servers but not a lot of administrators.
They are directed to patch servers more frequently (weekly vs monthly) and get told that they have to better protect their server IDs and to further separate and control administrator actions.
This is easier said than done!
CHALLENGE Number 1: Server ID Protection:
During my speaker engagements I always ask the question, "who in the room protects their server ID?" and the result is shocking.
Most people don’t, even though they know they should and the reason for them not putting a password on the server is always the same. Too much hassle when the server goes down, administrators have to manually type in the password, no matter what the time is, so it’s easier not to protect the server ID.
I understand that it is a hassle to manually type in the password but it leaves a big security risk!
So what if you could automate this process?
CHALLENGE Number 2: Compliance
Due to legislation such as Sarbanes – Oxley companies are required to monitor their user activity on their servers and provide a reliable audit trail.
With Management being responsible for the effectiveness of the company’s internal controls and having to report an assessment of these controls at the end of each fiscal year, companies are under pressure to prevent security breaches and provide real-time reporting of material events.
The Domino Server environment offers some monitoring but only for a subset of the elements used in the configuration of servers.
Companies don’t have the ability to monitor the user activity on their servers and Managers and Auditors lack an audit trail of changes. This could have costly consequences for an organization required to report on the history of changes affecting their data security.
Challenge Number 3: Administrators with full admin access
Administrators have God-like access and innocently could cause major problems by simple actions like removing a user from an access group, modifying the server configuration or deleting a connection document. Going a bit further, what happens if an Administrator deliberately accesses documents he shouldn’t? Monitoring the server activity is good but doesn’t help to prevent access to sensitive data!
We can take away your headache!
BCC DominoProtect allows you to track and prevent changes to sensitive data on your Domino server in real-time and provides you with a reliable audit trail. It also facilitates setting up request and approval based change management process with automated compliance level documentation for all actions taken with easy one-click rollback.
DominoProtect helps to eliminate security vulnerabilities such as unencrypted server IDs or “Full Access Administration” privileges. It makes it easy to secure the server ID with one or multiple passwords and yet allow unattended server restarts.
Interested in protecting your Domino server?