Book Demo!

For the second year in a row, Gartner lists Privileged Access Management (PAM) as the top security project for 2019. In this CIODive article, Gartner’s Brian Reed writes that PAM projects should help organizations discover and apply appropriate controls to privileged accounts so hackers have a hard time accessing them. He continues to say that PAM projects must support on-premises, hybrid and cloud environments and, at a minimum, use multifactor authentication (MFA) for all administrators and third-parties.

How does multifactor authentication complement a PAM solution?

At its core, multifactor authentication is a method of access control that requires a user (or software or machine) to present multiple pieces of evidence or identifiers before granting access (or authenticating them) to company systems. These identifiers can be passwords, knowledge-based questions, or one-time passwords (OTP) generators, mobile devices, etc. With MFA, even if passwords are stolen, it’s unlikely that the hacker also has the phone and OTP generator.

While MFA is valuable for all employees, it is critical for admins and privileged users who have elevated credentials to your systems and data. Hackers or suspicious actors who gain privileged credentials can access your most sensitive company and customer data. They can move laterally through your business network, evade detection and cause serious damage to a business reputation and put you in violation of compliance regulations.

When MFA is combined with a PAM solution, companies have a multi-layered approach to securing privileged accounts. The MFA solution works on the front end as an additional layer of user authentication. In the case of stolen credentials, MFA helps ensure that the person accessing the PAM solution is who they say they are. Once authenticated, the PAM software provides a one-time-use password to the desired systems. Using the principle of least privilege, PAM software can further restrict access rights for users, accounts, and computers/applications to only those resources required to perform their job effectively. Session manager capabilities also help identify inappropriate permissions, record each session for compliance and send alerts if the software notices any suspicious activity.

Considering the advantages, it’s no wonder Gartner recommends integrating PAM with MFA solutions for privileged accounts.

Integrating PAM with MFA 

XTAM for privileged management integrates with leading MFA solutions. XTAM supports RADIUS for authentication which most MFA providers utilize in their own solutions. Therefore many MFA products can be successfully integrated with XTAM. We offer direct integration with MFA offerings such as RADIUS, DuoSecurity, Google Authenticator, and Yubikey. More importantly, our development team will work with customers to support their specific MFA or 2FA provider.

Below is a list of resources to help with MFA configuration for PAM

Mark Klinchin

I am Co-Founder and CEO of Xton Technologies. I am interested in computers, software development, cyber security, content management, photography, image processing and mathematics.

Related Posts


Can I use Microsoft Local Administrator Password Solution for privileged management?

Lately, we have received questions about using Microsoft Local Administrator Password Solution (LAPS) to manage local administrative privileges. With more employees working remotely these days, companies are looking for ways to boost their security posture Read more…


Protecting PII and Personal Data During a Pandemic

Regardless of the business you are in, you likely must adhere to some government guidelines or regulations (HIPAA, GDPR, Sarbanes-Oxley, PCI DSS, ISO/IEC 27002 controls, etc.) regarding how you store, use and secure information. This Read more…


5 Reasons MSPs Need PAM Software

It is a busy time for managed service providers. Many small and medium-sized companies just don’t have the resources in-house to manage all their IT, security, remote access and cloud requirements. Outsourcing IT and cybersecurity Read more…

Copyright © 2020 Xton Technologies, LLC. All rights reserved.