{"id":1008,"date":"2014-01-23T07:27:51","date_gmt":"2014-01-23T14:27:51","guid":{"rendered":"https:\/\/www.jumpcloud.com\/?p=1008"},"modified":"2024-11-08T16:52:03","modified_gmt":"2024-11-08T21:52:03","slug":"admin-activity-monitoring","status":"publish","type":"post","link":"https:\/\/jumpcloud.com\/blog\/admin-activity-monitoring","title":{"rendered":"Admin Activity Monitoring"},"content":{"rendered":"
DevOps and IT admins have an interesting security problem that they need to solve. With an exploding number of cloud and virtual servers at places like AWS, Google Compute Engine, and\u00a0SoftLayer<\/a>, an increasingly technical workforce, and the trend towards using third-party technical experts, how do these modern-day company leaders ensure that the right things are happening on the right servers at the right times? With all of this activity, is it just too hard to track and monitor everything?<\/p>\n DevOps and IT admins are privileged users<\/a> who wield great power – and responsibility \u2014<\/span> over an organization\u2019s IT infrastructure. One mistake, with, say, a command executed as root, could spell disaster \u2014<\/span> downtime, loss of revenue, or even loss of data are very real risks that organizations face every day. And that\u2019s a positive case. You read about the more negative cases every day in the newspapers, which happen when a malicious user finds a way to obtain root access on a box, or potentially a whole infrastructure, and does damage. \u00a0This happened in the three most recent high-profile breaches, including SnapChat<\/a>,\u00a0Target<\/a>, and\u00a0MongoHQ<\/a>. The hacker could then exfiltrate key data and compromise the organization\u2019s end users, intellectual property, or even the organization\u2019s employees. Security is always a critical issue.<\/p>\n The challenge that DevOps and IT admins face is that systems today generate a tremendous amount of log data, and reviewing all of that data just isn\u2019t possible. A log analysis system or SIEM just pushes the work around \u2014<\/span> you get a better interface to look at the data, but you still have to look. You need to know what to look for, make the queries, and then interpret the results. That approach ignores the time pressure that DevOps folks are under.<\/p>\n JumpCloud has been thinking about this problem for quite a while. 
Fundamentally, we think this process needs to be automated \u2014<\/span> from collection of the data to analysis and interpretation. That\u2019s a tall order, no question, but until that happens, the task of monitoring admin activity will still be too manual, time-consuming, and ad hoc.<\/p>\n That\u2019s why JumpCloud is striving to automate the analysis of privileged user access for mistakes and potential malicious activity, and to present our users with the critical issues.<\/p>\n If managing user access to cloud servers is a problem that you feel like you need help with \u2014<\/span> give JumpCloud\u2019s Directory-as-a-Service\u00ae<\/sup> a try and work with us to solve your problems. We know that this is a big problem and our approach could change the game for IT folks. We are continuously getting feedback and suggestions<\/a> from our customers and adding capabilities every day.<\/p>\n","protected":false},"excerpt":{"rendered":" DevOps and IT admins have an interesting problem that they need to solve when it comes to security and activity monitoring.<\/p>\n","protected":false},"author":9,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"categories":[23],"tags":[],"collection":[2778,2780],"platform":[],"funnel_stage":[3016],"coauthors":[2511],"acf":[],"yoast_head":"\nSecurity Under the IT Admin Time Crunch<\/h2>\n