Articles about PAM

Privileged Access Management (PAM) has been around for more than 20 years taking critical accounts and putting them into a vault to ensure only select individuals could access them securely. Since then, PAM has evolved and now focuses on controlling the access itself which means preventing broad access to specific data and providing insight into who has access, and when an account has been accessed.

Privileged accounts have traditionally been given to administrators to access critical data and applications. However, changing business practices, agile software development, and digital transformation have meant that privileged accounts have become more numerous and widespread. To reduce the risk of privileged accounts being hijacked or fraudulently used, and to uphold stringent regulatory compliance within an organization, an adequate PAM solution is essential.

Continue reading →

When it comes to identity management security tools today, there are two main camps: best-of-breed and platform. When choosing between best-of-breed solutions and integrated platform solutions it's important to weigh their respective advantages and disadvantages. In order to perform a thorough analysis, it’s recommended to have a firm grasp of your organization’s objectives, maturity, priorities and capabilities -- for example, whether your organization can effectively manage multiple vendors, or whether your organization would benefit from a platform approach that may be too broad for your complex needs.

You could think of it in terms of buying a car. Having a high-end car may seem attractive, but it comes with additional challenges and responsibilities. You can only choose what's best for your organization once you've taken a realistic and accurate look at your organization, its skills and its needs.

Continue reading →

Privileged access management is not a new concept to most IT and security leaders, but we’ve seen a surge in cyber incidents focused on exploiting privileged access that have renewed its importance. From the Windows Print Spooler vulnerability of 2021 to the Okta breach that impacted hundreds of companies earlier this year, attackers continue to gain access through vulnerable credentials and use that access to move laterally and cause trouble at rapid speeds for Fortune 1000 organizations. While breaches happen, it’s unfortunate when something as simple as privileged access management could have thwarted the attackers.

As geopolitical tensions continue to rise on the cybersecurity front, it’s clear no one is spared from cyberattacks. With that, it’s more critical than ever before for organizations to closely review current privileged access management policies and solutions. Here are some best practices to think about when deciding how to approach PAM properly and securely.

Continue reading →

For the first time ever in 2020, the annual Verizon Data Breach Investigations Report included a section devoted to Privileged Access Management, leading with a jarring figure: 53 percent of all investigated breaches were due to the misuse of privileged accounts.

It makes sense that Privileged Access Management (PAM) would be vital to the security of an enterprise, as PAM controls access to administrative accounts -- or accounts that provide unlimited access to the systems which includes access to any sensitive data or important applications on that system. Bad actors gain access to these accounts by exploiting vulnerabilities like default and weak passwords, dormant accounts, and even leveraging social engineering tactics.

Continue reading →