1 Introduction
Digital transformation is no longer optional for businesses and organizations if they wish to stay competitive and deliver greater value to customers. But as they seek to embrace the advantages of Cloud, IoT, AI and Big Data projects across extended infrastructures, organizations need to be aware of the cyber security, compliance, and identity risks that digital transformation also creates.
While these risks are serious, they can be significantly reduced through intelligent, fit-for-purpose and structured deployment of security solutions. As agile access and identity requests are a prime characteristic of a successful digital environment, it follows that one of the most important suites of products to manage this securely is PAM. PAM solutions are critical cybersecurity controls that address the security risks associated with the use of privileged access in organizations and companies. Among the key challenges that drive the need for PAM are:
- Abuse of shared credentials
- Abuse of elevated privileges by unauthorized users
- Hijacking of privileged credentials by cyber-criminals
- Abuse of privileges on third-party systems
- Accidental misuse of elevated privileges by users
- The requirement to perform attestations on privileged users and admin accounts
- Vulnerability of endpoints that provide access to privileged accounts
Furthermore, there are several other operational, governance and regulatory requirements associated with privileged access:
- Discovery of shared accounts, software, and service accounts across the IT infrastructure
- Identifying and tracking of ownership of privileged accounts throughout their lifecycle
- Establishing Single Sign-on sessions to target systems for better operational efficiency of administrators
- Auditing, recording, and monitoring of privileged activities for regulatory compliance
- Managing, restricting, and monitoring administrative access of IT outsourcing vendors and MSPs to internal IT systems
- Managing, restricting, and monitoring administrative access of internal users to cloud services
Users also need fast and easy access to applications, files, databases, and servers which calls for greater attention paid to the design of the security and productivity balance within PAM tools. In recent years, PAM solutions have become more sophisticated, making them robust security management tools. While credential vaulting, password rotation, privilege delegation and activity monitoring are common, more advanced capabilities such as privileged user analytics, risk-based session monitoring, advanced threat protection, and the ability to embrace PAM into an enterprise governance program are the new standard to protect against today’s threats in complex environments.
The endpoint challenge for privileged access management
Privileged access is required from the millions of endpoints that form part of extended enterprises, traditionally on machines running Windows or macOS operating systems. The importance of Endpoint Privilege Management (EPM) increased as the COVID-19 crisis took hold across the world in 2020 and organizations were forced to rely on operations and tasks executed by employees at home. Often, these were on devices outside of the network and even included personal devices shared by family members, leaving organizations more vulnerable.
The COVID-19 crisis also unleashed an avalanche of malware as criminals looked to take advantage of the situation. A stunning 30,000%[^1] increase in malware volume in the first months of the pandemic was recorded by security researchers, acutely underlining the risk posed by uncontrolled use of privileged accounts from unprotected endpoints.
Therefore, Endpoint Privilege Management (EPM) has gained renewed currency among IT and security managers, but to implement it well there are several challenges. The EPM solution chosen should ensure that it prevents intrusion into servers from malware as well as protecting the endpoint itself. End users do not need any more barriers to “getting the job done” so avoiding another set of credentials at the endpoint is recommended.
In addition, organizations are faced with tighter budget controls after the COVID-19 crisis. They need to carefully balance cost, time-to-value as well as security for any new investment into endpoint security. In this Executive View, we assess how BeyondTrust’s EPM solution stacks up to meet the challenges of privilege management at the endpoint insideand outside of the network, with the large shift to remote working.