System administrators and other “superusers” are the most privileged users in a company’s IT environment. They have very high or even unrestricted access rights on operating systems, databases and application layers. Having superuser privileges on servers, administrators have the possibility to directly access and manipulate the company’s sensitive information, such as financial or CRM data, personnel records or credit card numbers. Furthermore, several administrators typically access the same privileged account, sharing the account password, which could not be treated as secure. Consequently, it is very hard to answer the question of “who did what?” and even more difficult to provide proof of any misuse. In addition, regulations like the PCI-DSS, the ISO 2700x, or the COBIT all mandate the control of information system access to prevent unauthorized use of sensitive data.
In such situations it is reassuring to have an independent audit solution provided Kyrah Tech that can reliably control and record access to sensitive data, and can securely store these records for later review.