1 Introduction
In the age of digital transformation, the requirements for IT, but also the ways IT is done, are changing. Organizations need to reinvent themselves and become agile and more innovative, while meeting ever increasing regulation all in addition to constantly improving security, by having the right counter measures and preventing attacks. On the other hand, with the vast number of attacks that organizations are facing and the burgeoning of regulations, organizations must invent new methods of meeting these needs while still perfectly serving their customers. In addition, smart manufacturing and the internet of things massively expand the attack surface of organizations. Among the various countermeasures Privilege Management plays a central role.
Privilege Management describes technologies that help better manage and control so-called “privileged accounts”, i.e. accounts having elevated privileges and thus exposing a higher risk. Such accounts also include shared accounts, which frequently have elevated privileges, but are at even higher risk due to the nature of shared credentials. The capabilities of Privilege Management services nowadays range from Shared Account Password Management to Session Management and Privileged Behavior Analytics.
Privilege Management is a critical component of an enterprise’s overall Cybersecurity program since attackers frequently target high-privilege accounts. The users of the privileged accounts have the broadest access to sensitive company data such as HR records, financial information, payroll details or a company’s intellectual property. Therefore, a strong emphasis on protecting these accounts is warranted, and can particularly reduce the risk of the largest data breaches.
Furthermore, Privilege Management is an essential element in protecting organizations against attacks that are not yet identified. What commonly are called zero-day attacks have usually, in fact, been running for a longer period of time, sometimes for years. All attacks go through a phase where they are run but are not yet detected. Traditional technologies such as signature-based Anti-Malware don’t help in these scenarios. New Cybersecurity tools looking for anomalies and outliers can help identify such long-running attacks.
Privilege Management is focused on mitigating risks and in protecting the crown jewels of organizations: their most valuable digital assets and systems. Thus, it is no surprise that the market for Privilege Management is dynamic, with new vendors entering and new and modernized offerings delivering better ways to tackle the challenges of securing privileged user accounts.
When looking at Privilege Management products, we expect to see Shared Account Password Management, Privileged Single Sign-On, Privileged Account Discovery and Lifecycle Management, and Session Monitoring capabilities. The main features in these areas should include at least the following:
- Shared Account and Privileged Password Management
- Central management of shared account privileges
- Automated credential rotation or OTPs
- Secure Access to privileged credentials
- Privileged Single Sign-On (SSO access to multiple privileged sessions)
- Simple management of session assignments to users
- Ad-hoc and upfront authorization of access with support of approval lifecycles
- Simple yet secure UIs
- Privileged Account Discovery and Lifecycle Management
- Automated discovery of privileged accounts on servers, clients, and other systems in scope (e.g. network devices)
- Integration into CMDBs
- Simple (automated) grouping of accounts and systems
- Session Monitoring, Analysis, and Recording
- Session Monitoring
- Session Recording
- Session Analysis
- All for both CMD based and GUI based sessions
With the completion of its acquisition of the software division of Hewlett Packard Enterprise (HPE) on September 1, 2017, Micro Focus became the world’s seventh largest pure-play enterprise software company. The addition of HPE Software tripled Micro Focus’ revenue to US$4.4 billion and gives the company some 15,000 employees and over 50,000 customers worldwide. The acquisition expands Micro Focus’ already broad product line-up aimed at enterprise IT infrastructure operations, increasing support for network and security operations centres (NOC/SOC) where HPE has been particularly strong. The company will specialize in meeting the need of the hybrid enterprise customer to integrate operations and security of their mix of on-premises and legacy systems together with Cloud-based assets, serving increasingly mobile users.