Slideshow: Cloud Security Pros And Cons
|(click for larger image and for full photo gallery)|
e-DMZ's secure password administration feature establishes an SSH (Secure Shell) tunnel between the administrator and the server, which encrypts communications between the two ends. According to Zupan, the new feature provides the required security while avoiding the need for expensive, database-specific add-ons.
"Sending passwords in the clear is always bad, even a brief exposure can be susceptible to compromise, and you're setting yourself up for a compliance audit failure," says Perry Carpenter, Research Director, Information Security and Privacy, Gartner Research.
"Auditors are becoming aware that there are vendor solutions to this problem that are reasonably priced and can be deployed with a reasonable degree of certainty of addressing the issue," says Carpenter. "So it's very likely that they will start requiring these solutions be employed. If a company can get the 'fix' for this as part of another security utility, all the better. SMBs, particularly, are drawn to single platform purchases that have the ability to perform multiple security functions."
A VPN (Virtual Private Network) wouldn't be sufficient, Zupan notes, "because VPNs normally terminate at the edge of the network, not all the way to the database, so the traffic would be clear text for that last stretch."
This new feature is an enhancement to the current release, and is included at no additional cost with e-DMZ's Privileged Password Management module for TPAM. (Basic pricing for TPAM is around $10,000 to $13,000.)