e-DMZ Announces Free Remote Access Security Tool

The Total Privileged Access Management suite module enables IT managers to perform password administration over unsecured LAN and WAN connections.

Slideshow: Cloud Security Pros And Cons
(click for larger image and for full photo gallery)
To secure the connection using optional security packages from the database vendors can be quite expensive, according to Zupan. "Oracle's advanced security package can cost hundreds of dollars per seat and thousands per CPU -- that's prohibitively expensive, especially for companies looking just to secure the connection." Additionally, says Zupan, this approach requires a separate solution for each vendor database involved.

e-DMZ's secure password administration feature establishes an SSH (Secure Shell) tunnel between the administrator and the server, which encrypts communications between the two ends. According to Zupan, the new feature provides the required security while avoiding the need for expensive, database-specific add-ons.

"Sending passwords in the clear is always bad, even a brief exposure can be susceptible to compromise, and you're setting yourself up for a compliance audit failure," says Perry Carpenter, Research Director, Information Security and Privacy, Gartner Research.

"Auditors are becoming aware that there are vendor solutions to this problem that are reasonably priced and can be deployed with a reasonable degree of certainty of addressing the issue," says Carpenter. "So it's very likely that they will start requiring these solutions be employed. If a company can get the 'fix' for this as part of another security utility, all the better. SMBs, particularly, are drawn to single platform purchases that have the ability to perform multiple security functions."

A VPN (Virtual Private Network) wouldn't be sufficient, Zupan notes, "because VPNs normally terminate at the edge of the network, not all the way to the database, so the traffic would be clear text for that last stretch."

This new feature is an enhancement to the current release, and is included at no additional cost with e-DMZ's Privileged Password Management module for TPAM. (Basic pricing for TPAM is around $10,000 to $13,000.)

Editor's Choice
Brian T. Horowitz, Contributing Reporter
Samuel Greengard, Contributing Reporter
Nathan Eddy, Freelance Writer
Brandon Taylor, Digital Editorial Program Manager
Jessica Davis, Senior Editor
Cynthia Harvey, Freelance Journalist, InformationWeek
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing