Identification and Access Management Software for IBM i
Privileged user management for system administrators
Protect Sensitive Information
Giving too much system access to the wrong users can lead to catastrophic data corruption and loss. Limit the risk with privileged access management software. Authority Broker protects corporate assets and audits user access in real time for maximum system security.
Control User Privileges
Security best practices recommend limiting the number of privileged user accounts, but having too many user profiles with special authorities is one of the most common security lapses uncovered in IBM i audits. Give users the access they need to do their jobs—without giving too much.
Capture System Activity
Maintain a record of everything a user does when they swap into a privileged profile. Using award-winning screen capture technology, Authority Broker provides system administrators and IT leaders with an unparalleled view of user activity, helping to safeguard sensitive IBM i data.
Save Time and Resources
Developing user management tools in-house can be incredibly time-consuming. By comparison, implementing Authority Broker is quick and easy, saving you time and internal resources.
Monitored authority swap
Ensure special authorities are granted only to those who need them, when they need them. Authority Broker allows you to delegate and monitor elevated privileges, eliminating the need for special authorities in staff members’ everyday profiles. Define users who have the ability to swap into privileged profiles, controlling what authorities they can switch to and setting date or time restrictions for how long they can use that authority.
See every keystroke a user performs when he or she swaps to elevated authorities. Authority Broker records a user’s every movement, even in transparent utilities such as SQL, DFU, and SST. Each time a user steps through a menu or enters a command, a screen grab is triggered. Screen captures can be viewed in near real-time or sent to an administrator in PDF form.
Separation of duties
As a security best practice, separation of duties limits giving too much power to any one individual to help prevent fraudulent activity and abuse of privileges by users. Auditors look for segregated duties as part of Sarbanes-Oxley (SOX) audits. Authority Broker helps you satisfy auditors and prevent conflicts of interest by enforcing the segregation of duties when granting system access to team members; for instance, inhibiting a developer from writing the programs that report on his own activity, or giving development staff emergency access beyond their usual authorities.
Know exactly when users assume privileged authority with real-time alerts. Set up alerts to inform managers and any other selected recipients every time an elevation of privileges occurs. Authority Broker will send a customized email as soon as a user assumes authority.
Command Privilege Management with Command Security
Nothing would happen on the IBM i without users executing commands, but a command-based system poses unique risks. While some commands are harmless if available to anyone with a user profile, others could cause significant damage or security issues if misused. Securing the system requires a solution that prevents users from performing tasks outside of their normal job responsibilities.
Just as Authority Broker helps you manage user access and monitor user activity, Command Security gives you the ability to monitor and restrict command usage. Allow or prevent commands from being executed based on the situation, and notify administrators when select commands are issued. Having control over certain commands helps administrators maintain a secure system and prevent inappropriate command usage.