1 Introduction
Privileged Access Management (PAM) platforms address the risks associated with uncontrolled privileged access in companies and organisations across all sectors. It is well known that most successful cyber-attacks involve the misuse of privileged accounts, and misuse is enabled by poor management using inadequate PAM software, policies, or processes. Some of the malicious activities that PAM must control are abuse of shared credentials, misuse of elevated privileges by unauthorized users, theft of privileged credentials by cyber-criminals and abuse of privileges on third-party systems.
Criminals are actively targeting privileged accounts as the best way to get inside an organization and increasingly use them to mount ransomware attacks as well as steal valuable data. Therefore, PAM is an essential component in protecting organizations against cyber-attacks, malware distribution, phishing, and data exfiltration.
Traditionally, privileged accounts were mostly given to administrators who needed access to other user accounts to perform maintenance and upgrade tasks. Some other senior employees may have also been given elevated access rights for specific tasks. This is no longer the case as privilege management use cases extend across entire organizations, with users requiring task-based access to data, services and applications held on legacy and multi-cloud-based infrastructures. The biggest change has been the increase in the number of machine identities that require privileged access to resources, applications or other machines across the infrastructure.
This change has meant PAM software has developed considerably in the last few years. New and traditional vendors have responded well to demands for more advanced PAM capabilities suitable for the modern computing era. Interest in Zero Trust Architecture (ZTA) designs and policies has grown. Buyers are increasingly aware that a well-configured and up-to-date PAM platform can be an integral part of any such architecture design and policies.
However, the future of business operations will revolve around a new paradigm for highly dynamic IT architecture that melds multiple types of clouds with legacy networks on premises, partner networks and even, in some cases, mainframe installations. This Dynamic Entitlement Resource and Access Management (DREAM) paradigm is what the next iteration of PAM platforms (and other identity and data governance tools) must be engineered to fit, in order to deliver secure access and greater business value across a new generation of disparate cloud resources.
These ultra-hybrid networks will test existing identity and security frameworks to their limit and call for solutions that provide rapid access to dynamic resources, from wherever they are held to wherever they are required. This is the demanding environment into which Hitachi ID Bravura Privilege and other PAM platforms will be deployed.