Gartner has listed the 10 most important security projects that CISOs should focus on in 2018 to reduce risk and make a large impact on the business. Privileged account management (PAM) made it to the top, which was a well-deserved victory for future cybersecurity.
Privileged accounts are everywhere and the trend is rising
Servers, network devices, databases, applications - just to mention a few. A privileged account is actually any account that can be used to access and modify the organization's critical data or settings in an infrastructure, and have unrestricted access to systems.
There is a growing trend – organizations’ enterprise infrastructure is constantly forced to generate more and more privileged accounts due to the pressure of the changing operating environment. While end users may be able to log in to services with a single account, the story behind the scenes is quite the opposite. In the backend, there is a growing number of highly privileged accounts and credentials, and the variety of these accounts is only increasing.
New challenges. New requirements.
The threat landscape has changed, and the number of severe information security attacks has increased dramatically in recent years. Unfortunately, privileged accounts have been targeted due to the fact that they provide the keys to the kingdom for an attacker to gain access and move laterally within a network.
Privileged accounts are powerful and can bypass all traditional access and security controls.
Simultaneously, we have witnessed a fast development as the entire infrastructure model has transitioned from on-premises to complex virtual environments; cloud and managed services, and everything in between. The increasing number of vendors and partners brings with it a concern with how to manage accounts in different infrastructures and services, not to mention the visibility of what your partners are doing within your infrastructure.
Connected devices and services are here to stay. So is the ever increasing number of integrations needed between the platforms, services, and APIs. This generates many new challenges for the organizations: how to manage application and service credentials, private keys or other backend credentials; how to force policies on often highly privileged service accounts; how to monitor accounts used by services and applications; and how to ensure that that application account is used only by that specific application.
There have also been changes to compliance. Even if regulations and standards have existed for quite a while already, the mighty GDPR brought accountability and auditability requirements to a completely new level.
The big benefits of PAM
There are three different primary drivers for organizations to utilize Privileged Account Management.
PAM helps to solve the growing challenges and requirements of the era of digitalization.
The first benefit is simply the avoidance of breaches. Privileged account management is able to either entirely stop a breach or drastically limit a breach’s scope and also help breach investigation by providing audit and session data from privileged accounts.
Secondly, privileged account management helps with meeting compliance requirements as it is able to provide the necessary controls, management and provide an audit log for all necessary accounts, shared, application and service accounts included.
And last but not least, PAM provides secure and efficient access to privileged accounts for both internal and third parties. For admin access, these solutions are able to provide easy, monitored access directly to specific endpoints or services. Access can be very specific and can even be monitored in real time! For end users, these also provide fast access to specific endpoints without any additional tools.
Organizations that utilize PAM benefit from increased productivity in IT and security teams, streamlined compliance audits and reduced risk of privileged account compromise. Together, these benefits provided for time and cost savings and long-term resource efficiencies.
After realizing all the benefits that PAM has to offer, no wonder it reached the highest ranking on Gartner’s security project list. Meanwhile, there is one thing worth keeping in mind: Privileged account management is a long-term initiative that requires proper scoping, roadmap development, stakeholder support and management commitment, and above all a trusted cybersecurity partner to achieve the desired business value and risk reduction, due to a mixture of political and cultural issues within each organization.
Are you interested to hear more about Privileged Account Management?
Read Joseph Carson's hugely popular E-book on Privileged Account Management. It’s fast, easy read to get up to speed on Privileged Account Management security basics.
Download the E-book here >>
Also, take a look at our video series Sixty seconds of cybersecurity and learn about PAM in sixty seconds from the video below.