Hitachi ID Systems Blogs

Interesting blog entry on

serverfault.com about whether and when to grant developer access to production systems.

It’s a good read – if you’re a developer or an admin – go read it.

The one thing I can add to the discussion is simply this: it’s not an all-or-nothing question. It’s reasonable, for example, to grant developers admin-level access to a production system in the context of resolving an emergency outage, or troubleshooting a hard-to-find problem, or performing a complicated version upgrade, or even as backup resources if all the normal admins are unavailable (home sick, etc.).

Operationally, it’s pretty straightforward to do that using a privileged password management system. That’s because PPM systems randomize passwords regularly (e.g., daily or even more often), so giving a developer the admin password to a production system does not imply that he’ll still know it tomorrow, or even that he’ll know the admin password for some other systems. A PPM system can also be used for workflow authorization of the temporary access grant, audit logs, etc.

Interesting reading:

networkworld.com/news/2010/011510-financial-firm-notifies-12m-after.html

Sounds like Lincoln National had a bunch of shared, static admin passwords and after 10 years (!!) someone was tipped off that
ex-employees still had access and may have compromised customer privacy.

Wow.

Can you imagine leaving admin passwords the same for that long, presumably spanning the departure of IT admin staff?

That’s just dumb, and the consequence these days is not “oops, lucky nothing bad happened” but rather “oops, we have to notify 1.2 million customers that we did something stupid.” Great PR.

The solution, of course, is simple. Change those passwords – often. Products such as Hitachi ID Privileged Password Manager (link below) make it even easier – they will change the password for you, automatically.

PPM Product site

Hopefully this is a lesson for someone..

– Idan