dcsimg

PAM Solutions: Critical to Securing Privileged Access

  • PAM Solutions: Critical to Securing Privileged Access-

    PAM: Finding the unknown

    The operative word in privileged access account is privileged. These users are using legitimate credentials to access the database or network, but how do you know if their use is authentic or nefarious? PAM solutions are built from traditional Identity Access Management (IAM) solutions, where role-based (RBAC) and attribute-based (ABAC) access control rules are used to define the privileges. However, these IAM solutions are designed only to establish a trusted user and are not capable of enforcing user behavior based on the information being sent and received, according to Jason Macy, CTO with Forum Systems.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11

PAM Solutions: Critical to Securing Privileged Access

  • 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11
  • PAM Solutions: Critical to Securing Privileged Access-5

    PAM: Finding the unknown

    The operative word in privileged access account is privileged. These users are using legitimate credentials to access the database or network, but how do you know if their use is authentic or nefarious? PAM solutions are built from traditional Identity Access Management (IAM) solutions, where role-based (RBAC) and attribute-based (ABAC) access control rules are used to define the privileges. However, these IAM solutions are designed only to establish a trusted user and are not capable of enforcing user behavior based on the information being sent and received, according to Jason Macy, CTO with Forum Systems.

Data breaches as a result of compromised privileged access are widespread, which is one reason why Matt Dircks, CEO with Bomgar, predicted that we’ll see more and serious breaches and security incidents involving privileged access. “Hackers need high-level access, which they get through targeting privileged users like IT professionals, CEOs and vendors via phishing or malware to achieve their financial goals or other motivations,” Dircks said in an email comment. “These users are targeted by the threat actor because they are likely to have access to other privileged credentials that the hacker can leverage to increase dwell time and compromise their target.”

To protect the company from those insiders who abuse their privileged access and from hackers with stolen credentials, many companies are turning to a privileged access management (PAM) solution.

“PAM and its automation are crucial to minimizing risk and losses caused by insiders and intruders that steal credentials or exceed their authority,” said Philip Lieberman, president of Lieberman Software. “The technology reduces the labor of IT to maintain compliance and radically reduces the labor costs of changing passwords by hand.”