In the age of digital transformation, not only the requirements for IT but also the way IT is done are constantly evolving. To remain relevant, organizations must reinvent themselves by being agile and more innovative. Emerging technology initiatives such as the digital workplace, DevOps, security automation and the Internet of Things continue to expand the attack surface of organizations as well as introduce new digital risks. To stay competitive and compliant, organizations must actively seek newer ways of assessing and managing security risks without disrupting the business. Security leaders, therefore, have an urgent need to constantly improve upon the security posture of the organization by identifying and implementing appropriate controls to prevent such threats.

Privileged Access Management (PAM) represents the set of critical cybersecurity controls that address the security risks associated with the use of privileged access in an organization. There are primarily two types of privileged users:

- Privileged Business Users - those who have access to sensitive data and information assets such as HR records, payroll details, financial information, company's intellectual property, etc. This type of access is typically assigned to the application users through business roles using the application accounts.
- Privileged IT Users - those who have access to IT infrastructure supporting the business. Such access is generally granted to IT administrators through administrative roles using system accounts, software accounts or operational accounts.

The privileged nature of these accounts provides their users with unrestricted and often unmonitored access across the organization's IT assets, which not only violates basic security principles such as least privilege but also severely limits the ability to establish individual accountability for privileged activities. Privileged accounts pose a significant threat to the overall security posture of an organization because of their heightened level of access to sensitive data and critical operations. Security leaders, therefore, need a stronger emphasis on identifying and managing these accounts to prevent the security risks emanating from their misuse.

Available Identity and Access Management (IAM) tools are purposely designed to deal with management of standard users' identity and access and do not offer the capabilities to manage privileged access scenarios such as the use of shared accounts, monitoring of privileged activities and controlled elevation of access privileges. Privileged Access Management tools are designed to address these scenarios by offering specialized techniques and unique process controls, thereby significantly enhancing the protection of an organization's digital assets by preventing misuse of privileged access.

At KuppingerCole, we define PAM solutions to consist of the following key tools and technologies:

Figure 2: Blueprint of PAM tool and technologies

Privileged Access Management (PAM), over the last few years, has become one of the most relevant areas of Cyber Security closely associated with Identity and Access Management technologies that deal with facilitating, securing and managing privileged access for both IT administrators and business users across an organization's IT environment.

While credential vaulting, password rotation, controlled elevation and delegation of privileges, session establishment and activity monitoring have been the focus of attention for PAM tools, more advanced capabilities such as privileged user analytics, risk-based session monitoring and advanced threat protection are becoming the new norm - all integrated into comprehensive PAM suites being offered. We see a growing number of vendors taking different approaches to solving the underlying problem of restricting, monitoring, and analyzing privileged access and the use of shared accounts.

Among the key challenges that drive the need for privilege management are:

- Abuse of elevated privileges by authorized users
- The hijacking of privileged credentials by cyber-criminals
- Abuse of privileges on third-party systems
- Accidental misuse of elevated privileges by users

Furthermore, there are several other operational, governance and regulatory requirements associated with privileged access:

- Discovery of shared accounts, software and service accounts across the IT infrastructure.
- Identifying and tracking of ownership of privileged accounts throughout their life-cycle.
- Establishing a Single Sign-on session to target systems for better operational efficiency of administrators.