According to Forrester 80% of security breaches involve privileged credentials. Verizon Data Breach Investigations Report, has reported that “privileged misuse” is the second most common category of security attack.
If a hacker gets access to your privileged accounts they can move around your network, applications and equipment. Malicious actors can steal your data, as well as delete it, modify it and change your settings or create persistent backdoors into your network. For any company (just ask Marriott/Starwood), the risk is significant – stolen user information, loss of intellectual property and damage to your brand. Not to mention possible regulatory fines, lawsuits, etc.
With statistics and risks like this, it’s no wonder that security professionals are turning to privilege access management (PAM) solutions.
Why invest in a PAM solution?
Until recently, many companies have managed privileged accounts and credentials using manual processes and password enforcement. It’s not unusual for organizations to rely on spreadsheets or a basic password manager (a bit of an improvement over a spreadsheet) to keep track of credentials.
Manual processes can quickly become hard to manage and outdated. The changing IT landscape, rise of cloud services and applications, and compliance regulations make manual approaches even more challenging. There are also multiple layers of technology within an organization with HR, Marketing, Supply Chain all managing their own specific applications. All this makes manual account and permissions management impossible for IT teams.
It’s time that companies rethink their PAM strategy and start evaluating solutions that help automate privileged account management.
Questions you should ask Every PAM Vendor
Gartner says that “privileged access management, is intended to make it harder for attackers to access privileged accounts as well as allowing security teams to monitor behaviors for unusual access.”
PAM software (also called privileged account management or privileged identity management) helps by providing end-to-end control for your privileged passwords, secrets, certificates and documents. PAM systems do this by putting privileged credentials inside a secure vault or repository. System admins and other privileged users must go through the PAM solution and be authenticated in order to access their credentials. More importantly, users can access the company asset/server via a high trust session without ever knowing the password. The software logs, records and monitors each session. Credentials and passwords can be reset after each use or if the password is never seen can be rotated based upon policy for the highest level of security.
For many businesses, PAM solutions were out of reach to due to cost, IT resources and complexity. Today that has all changed with a new host of enterprise-class solutions that are easy to install, implement and affordable. When evaluating solutions consider the follow questions:
- How is the privileged account management solution deployed? Can it work on-premises or in the cloud in physical or virtual environments, hosted on Windows or Linux OS?
- How long does it take to implement? What is the client install, server footprint, and is it agentless?
- Can you automate tasks such as password resets, discovery for servers and network devices?
- Does it offer a full audit trail for all privileged access and permissions? Extensive logging and reports, as well as integration into other systems.
- Can you establish secured high trust connections to remote devices and systems?
- Can you record privileged sessions with playback indexed by keystrokes, file and clipboard transfer events?
- Does the solution provide out-of-the-box controls to meet several crucial regulatory requirements such as GDPR, HIPAA, NIST 800-171 or ISO 27001?
- What is the solution’s pricing model? Is it a unified pricing model? And are all features included or do you have to buy separate modules?
- Is there a Free trail download or demo and how responsive is the customer support team?
- What is the product’s road map? And how often is the product updated to ensure the latest feature set and security patches?
Consider Xton Access Manager (XTAM)
XTAM for Privileged Access Management is the only solution that combines privileged account, passwords, sessions and task management in one product at an unbeatable price. Download a free trial today or contact us for a personalized demo.