1 Introduction
In the age of digital transformation, not only the requirements for IT, but also the way IT is done, are constantly evolving. To remain relevant, organizations must reinvent themselves by being agile and more innovative. Emerging technology initiatives such as digital workplace, DevOps, security automation and the Internet of Things continue to expand the attack surface of organizations as well as introduce new digital risks. To stay competitive and compliant, organizations must actively seek new ways of assessing and managing the security risks without disrupting the business. Security leaders, therefore, have an urgent need to constantly improve upon the security posture of the organization by identifying and implementing appropriate controls to prevent such threats.
Privileged Access Management (PAM), over the past few years, has become one of the most relevant areas of Cybersecurity associated with IAM (Identity and Access Management). PAM deals with identifying, securing and managing privileged credentials and the resulting access across an organization’s IT environment. Once considered a technology option for optimizing administrative efficiency by managing passwords and other secrets, PAM has evolved into a set of crucial technologies for preventing security breaches and credential thefts. PAM today concerns Security and Risk Management leaders as well as Infrastructure and Operations (I&O) leaders across industries because of its security and operational benefits.
PAM represents the set of critical cybersecurity controls that address the security risks associated with privileged users and privileged access in an organization. There are primarily two types of privileged users in the context of a foundational PAM solution:
Privileged Business Users – those who have access to sensitive data and information assets such as HR records, payroll details, financial information, company’s intellectual property, etc. This type of access is typically assigned to the application users through business roles using the application accounts.
Privileged IT Users – those who have access to IT infrastructure supporting the business. Such access is generally granted to IT administrators through administrative roles using system accounts, software accounts or operational accounts.
Available Identity and Access Management (IAM) tools are purposely designed to deal with management of standard users’ identity and access, and do not offer the capabilities to manage privileged access scenarios such as managing access to shared accounts, monitoring of privileged activities and controlled elevation of access privileges. Privileged Access Management tools are designed to address these scenarios by offering specialized techniques and process controls, thereby significantly enhancing the protection of an organization’s digital assets by preventing misuse of privileged access.
While credential vaulting, password rotation, controlled elevation and delegation are the focus of attention for PAM tools, more advanced capabilities such as privileged user analytics, risk-based session monitoring and advanced threat protection are becoming the new norm. With the attack surface expanding and the number and sophistication of attacks increasing every year, an integrated and more comprehensive PAM solution is required – one that can automatically detect risky behavior and initiate automated mitigations. A successful attack can be conducted in minutes; therefore, a PAM solution must be capable of thwarting such an attack without human intervention. And although we see more comprehensive PAM suites and solutions being offered, vendors are taking different approaches to solve the underlying problem of restricting, monitoring, and analyzing privileged access and the use of shared accounts.