Privileged access management (PAM) consists of strategies and technologies for exerting control over the elevated (“privileged”) access and permissions for users, accounts, processes and systems across an IT environment. By implementing an appropriate level of privileged access controls, PAM helps organizations shrink their attack surface and prevent, or at least mitigate, the damage arising from external attacks as well as from insider wrongdoing or negligence.
While privilege management encompasses many strategies, the central goal is the enforcement of least privilege, which is defined as the restriction of access rights and permissions for users, accounts, applications, systems, devices (such as IoT) and computing processes to the absolute minimum necessary to perform routine, authorized activities.
PAM has drastically changed the way enterprises protect access to critical systems. Using credential vaults and other session control tools, PAM has allowed managers to maintain privileged identities while significantly decreasing the risk of their compromise. By centralizing privileged credentials in one place, PAM systems can ensure a high level of security for them, control who is accessing them, log all accesses and monitor for any suspicious activity.
Industry leaders Forrester and Gartner have both placed privileged access management as a top priority for CISOs. And it’s no wonder. PAM protects a company’s unique digital identities that, if stolen, could bring the entire organization to a complete halt.
Privileged Credentials are Attractive Targets
The very existence of privileged accounts creates a huge liability. If a single digital identity can grant such unrestricted access, the consequences of that identity being exposed could be catastrophic. Hackers are aware of that fact, which is why powerful users are privileged targets. Privileged user accounts are significant targets for attack because they have elevated permissions, access to confidential information and the ability to change settings. If they are compromised, organizational operations will be hampered. Types of accounts managed under PAM can include emergency cybersecurity procedure, local administrative, Microsoft Active Directory, application or service, and domain administrative accounts. Over the past few years, it’s become evident that attackers are no longer “hacking” in for data breaches; they are taking advantage of weak, stolen or otherwise compromised credentials. Once they are in, they spread out and move laterally across the network, hunting for privileged accounts and credentials that help them gain privileged access to an organization’s most critical infrastructure and sensitive data.
Privileged Credential Abuse is Involved in 74% of Data Breaches
Forrester Research has estimated that, despite continually increasing cybersecurity budgets, 80% of security breaches involve privileged access abuse, and 66% of companies have been breached an average of five or more times. A new survey supports this estimate, finding that 74% of respondents whose organizations have been breached acknowledge it involved access to a privileged account. More concerning is the survey finding that most organizations continue to grant too much trust and privilege, are not prioritizing PAM and are not implementing it effectively. Practitioners should consider that critical and fundamental security controls such as PAM are enablers for digital transformation. However, organizations are simply not taking some of the most basic steps to secure privileged credentials.
- Over half of respondents (52%) do not have a password vault.
- 65% are still sharing root or privileged access to systems and data at least somewhat often.
- More than 1 out of every 5 (21%) still have not implemented multi-factor authentication for privileged administrative access.
- 45 percent are not securing public and private cloud workloads with privileged access controls.
- 58 percent are not securing big data projects with privileged access controls.
- 68 percent are not securing network devices like hubs, switches and routers with privileged access controls.
- 72 percent are not securing containers with privileged access controls.