1 Introduction
Privileged Access Management (PAM) platforms are cybersecurity components that address the risks associated with the use of privileged access in companies across all sectors. It is recorded that most successful cyber-attacks involve the misuse of privileged accounts, and misuse is enabled by poor management using inadequate PAM software, policies, or processes. Some of the malicious activities that PAM must control are abuse of shared credentials, misuse of elevated privileges by unauthorized users, theft of privileged credentials by cyber-criminals and abuse of privileges on third-party systems.
A 2020 report[^1] stated that potentially malicious privileged access from an unknown source accounted for 74% of all privileged access anomaly behaviour detections. So even if the source turns out to be benign, time and resources are spent on verification that would be avoided by an up-to-date PAM installation. It is clear hackers are actively targeting privileged accounts as the best way to get inside an organization and increasingly use them to mount ransomware attacks. Therefore, PAM is an essential component in protecting organizations against cyber-attacks, malware distribution, phishing, and data exfiltration.
Traditionally, privileged accounts were mostly given to administrators who needed access to other user accounts to perform maintenance and upgrade tasks. Some other senior employees may have also been given elevated access rights for specific tasks. This is no longer the case as privilege management use cases extend across entire organizations, with users requiring task-based access to data, services and applications held on legacy and multi-cloud-based infrastructures. And of course, admins still need to perform those traditional privileged tasks!
This change has meant PAM software has developed considerably in the last few years. New and traditional vendors have responded well to demands for more advanced PAM capabilities suitable for the modern computing era.
Interest in Zero Trust Architecture (ZTA) designs and policies has grown. Buyers are increasingly aware that a well-configured and up-to-date PAM platform can be an integral part of any such architecture.
However, the future of business operations will revolve around a new paradigm for highly dynamic IT architecture that melds multiple types of clouds with legacy networks on premises, partner networks and even, in some cases, mainframe installations. This Dynamic Entitlement Resource and Access Management (DREAM) paradigm is what the next iteration of PAM platforms (and other identity and data governance tools) must be engineered to fit, in order to deliver secure access and greater business value across a new generation of cloud resources.
These ultra-hybrid networks will test existing identity and security frameworks to their limit and call for solutions that provide rapid access to dynamic resources, from wherever they are held to wherever they are required. This is the environment into which Micro Focus NetIQ Privileged Account Manager and other PAM platforms will be deployed.