In today’s networks, administrative access to Linux servers is commonly managed by Privileged Access Management (PAM). It is not only important to monitor these privileged accounts, but also to control segregation of duty and detect keys as well as accounts that potentially bypass PAM. Unprohibited access can become a business risk. In order to improve the security in a controlled manner, we establish IdMSecMan, a security management process tailored for identity and access management (IAM). Security management processes typically use the Deming Cycle or an adaption for continuous improvements of products, services, or processes within the network infrastructure. We adjust a security management process with visualization for IAM, which also shifts the focus from typical assets to the attacker. With the controlled cycles, the maturity of IAM is measured and can continually advance. This paper presents and applies the work in progress IdMSecMan to a motivating scenario in the field of Linux server. We evaluate our approach in a controlled test environment with first steps to roll it out in our data center. Last but not least, we discuss challenges and future work.     «

In today’s networks, administrative access to Linux servers is commonly managed by Privileged Access Management (PAM). It is not only important to monitor these privileged accounts, but also to control segregation of duty and detect keys as well as accounts that potentially bypass PAM. Unprohibited access can become a business risk. In order to improve the security in a controlled manner, we establish IdMSecMan, a security management process tailored for identity and access management (IAM). Se...    »