Credential theft is the most popular way cyber criminals use to access corporate environments, but real power comes from compromising privileged credentials, which is why Privileged Access Management (PAM) is one of the most important areas of risk management and security for any organization.
In fact, PAM is becoming increasingly important because changing business practices such as the adoption of cloud computing and other aspects of digital transformation, the users of privileged accounts have become more numerous and widespread than ever before.
Privileged access is highly sought after by cyber criminals because that is what enables them to move laterally within corporate networks, establish persistence, and gain access to the most sensitive corporate data in servers, databases, and other high-value systems. It is no surprise, therefore, that nearly all damaging cyber-attacks involve privileged account compromise.
Locking down privilege access is clearly necessary and is recommended by top industry analysts and industry leaders, but it is challenging to do at scale, especially because most modern IT environments include a mix of on-prem, cloud, and hybrid applications, and the fact that privileged access is no longer just for IT administrators who need access to the IT infrastructure.
In addition to administrators, there is a growing number of business users who need privileged access to IT and business data and privileged users are also no longer confined to human actors, but can now also include non-human actors such as applications, processes, machines, and devices.
Due to the complexity of the challenge, PAM solutions are essential tools in helping organizations to address this problem to ensure that they are applying the principle of least privileged consistently and effectively to those individual and entities that have the most powerful access rights.
With the attack surface expanding and the number of attacks increasing every year, an integrated and more comprehensive PAM solution is required – one that can automatically detect unusual behavior and initiate automated mitigations.
— Paul Fisher, Senior Analyst, KuppingerCole.
Because we understand how the importance of PAM, and because we are committed to helping your business succeed, KuppingerCole has a great deal of content available in a variety of formats.
Topic Overview
Wherever you are in your PAM journey, and excellent place to start is KuppingerCole’s Insight on Privileged Access Management, that is designed to explain why privileged access matters to your business and nearly everything you need to know to get started.
For another perspective on PAM in the wider context of IAM, have a look at the KuppingerCole Insight entitled: The Definitive Guide to Identity & Access Management - All You Need to Know about Identity & Access Management and Finding the Right Solution for Your Requirements.
Advisories
Managing the use of privileged accounts is essential to protect against mistakes and misuse as well as cyberattacks and leakage of data. For an overview of the steps that organizations need to take to manage privilege, have a look at this Leadership Brief on Privileged Account Management Considerations.
For an overview overview of challenges in privilege management, the status of the privilege management market, the maturing levels of offerings, and what to consider when choosing privilege management solutions, have a look at this Advisory Note on Privilege Management.
For a foundation for rating the current state of you privilege management projects and programs, have a look at section 2.5 of this Advisory Note on Maturity Level Matrixes for Identity and Access.
For a high-level overview of the current role and future requirements in PAM, have a look at section 5.6 of this Advisory Note on Future of Identity Management, while a more detailed perspective on where PAM technology is today, where it is heading in the future, and what buyers should consider when evaluating any PAM solution for their organization, have a look at this advisory note on Trends in Privileged Access Management for the Digital Enterprise.
And for a perspective on privilege management in the context of access governance, have a look at this Advisory Note on Redefining Access Governance: A broader perspective.
Blogs
Our analysts have blogged on various topics relating to PAM. Have a look at the list below and choose those which are most interesting or relevant.
- PAM Is Changing and You Need to Know Why
- The Battle of PAM Clients: 5 Benefits of Thin Clients Aug 2020
- Privileged Access Management Can Take on AI-Powered Malware to Protect Identity-Based Computing
Audio/video
If you would prefer to listen to what our analysts and partners have to say on the topic of PAM, listen to these Analyst Chats on the general topics of What are Privileged Accounts and Analyst Chat #26: Functionalities at the Core of a Privileged Account Management System or more specifically on The Influence of PAM on WfH, and its Influence on PAM.
For PAM related presentations by our analysts, have a look at these presentations on Privileged Access Management in a Changing World, PAM: You're not alone. The interplay of PAM with Cybersecurity, IAM, and ITSM, and Trends and Findings From the 2020 PAM Leadership Compass.
Listen to what some of our partners have to say on PAM-related topics such as Best Practices for a PAM Deployment, The Interplay between SOAR and PAM, and Cloud PAM: Challenges, Considerations And Approach.
Often missed as a niche part of IT, “admin” access is the holy grail for the bad-guys attacking your business. Have a look at his presentation to find out Why Your Business Needs a Strategic Approach to PAM.
Webinars
KuppingerCole has a range of webinars on PAM-related topics. Read through the list below and choose those that are most relevant to your business needs:
- Why Managing Privileged Users Benefits your Business Sept 2011
- Four Key Components Critical to the Future of Privileged Access Management
- Designing and Establishing a Mature PAM Ecosystem for Reducing Risk in Your Organisation
- Best Practices of Privileged Identity Management
- Privileged Access Management: Cloud Delivery Without Compromise
- Privileged Access Management Needs a New Approach
- A Fresh Look at the Business Value of PAM in the Work-From-Anywhere World
Whitepapers
Modern Privilege Management is more than managing access to shared accounts. It is shifting from system administration towards the SOC and taking a far bigger role than it has ever before. For more on this topic, have a look at this Whitepaper on how to Manage privileged access from everyone & everywhere.
To reduce risk, and uphold stringent GRC obligations within an organization, a cost effective PAM solution is essential. To find out more, have a look at this Whitepaper on Understanding Privileged Access Management.
For more information about PAM in the context of small businesses, have a look at this Whitepaper on Privileged Access Management requirements for SMBs, while for a discussion on the drivers, challenges and best practice approaches of leveraging Privileged Access Governance to enable a secure, accountable and regulatory compliant privileged access environment for organizations, have a look at this Whitepaper on Privileged Access Governance.
Tech Investment
For organizations looking to make initial or further investments in the PAM market, for insights around the leaders in innovation, product features, and market reach, have a look at the Leadership Compass on Privileged Access Management.
For an overview of markets to related solutions, have a look at these leadership compasses on Access Management, Privilege Management, Adaptive Authentication, and Access Governance & Intelligence.
Further orientation on the PAM-related technology market can be found in the Market Compass reports on Data Governance Platforms and Providers of Verified Identity.
Guidance on questions to ask vendors, criteria to select your vendor, and requirements for successful deployments can be found in this Buyer’s Compass on Privileged Access Management .
Organizations investing in technologies to privileged access management, can have a look at some of the related technology solutions that we have evaluated:
- WALLIX Bastion
- BeyondTrust Endpoint Privilege Management
- ARCON PAM SaaS
- Fudo PAM by Fudo Security
- CyberArk Core Privileged Access Security
- ManageEngine PAM360
- Hitachi ID Privileged Access Manager
- Thycotic Access Controller
- Symantec Privileged Access Manager
- CyberArk Privilege Cloud
- Devolutions PAM Solution
- Osirium: Privileged Access Management
- Bomgar Privileged Access Management