1 Introduction
The IT landscape is undergoing its biggest change at least since the introduction of the PC. Cloud services and mobile devices stand for the hyper-connected enterprise, where everyone has access to everything, and where services reside somewhere, in the organization and in the cloud. This extends the risk surface. It is no longer about protecting some centralized servers in a well-secured data center, but about a sprawl of systems and services.
On the other hand, not only compliance requirements but also cyber-attacks are ever-increasing. Attackers are trying to gain access to privileged accounts, hijacking these. Organizations must react. A key element of counter-measures is implementing a Privilege Management infrastructure that helps monitoring, recording, and analyzing sessions. This helps in better identifying fraudulent behavior. It allows getting a grip on access of external users, but also access to external services. It enables a faster detection of, reaction on and remediation of incidents.
The change in both risk perception and factual risks and the growing number of ever-tightening regulations and audits lead to an increase in the number of privileged users in scope. Privilege Management must go beyond the traditional internal IT administrators. SOCs thus also must not concentrate on few user groups anymore, but on all types of users. They need efficient tools to support this change, beyond SIEM and beyond the traditional Privilege Management primarily focusing on Shared Account Password Management.
This whitepaper explains how organizations can reduce their risk surface with an adequate Privilege Management strategy, particularly focusing on session management and analytics, helping them getting ready for working with service providers, fulfilling the ever-increasing requirements for regulatory compliance, and identifying fraudulent behavior of users and potential attacks.
Modern Privilege Management is more than managing access to shared accounts. It is shifting from system administration towards the SOC and taking a far bigger role than it has ever before.