Book Demo!

For the second year in a row, Gartner lists Privileged Access Management (PAM) as the top security project for 2019. In this CIODive article, Gartner’s Brian Reed writes that PAM projects should help organizations discover and apply appropriate controls to privileged accounts so hackers have a hard time accessing them. He continues to say that PAM projects must support on-premises, hybrid and cloud environments and, at a minimum, use multifactor authentication (MFA) for all administrators and third-parties.

How does multifactor authentication complement a PAM solution?

At its core, multifactor authentication is a method of access control that requires a user (or software or machine) to present multiple pieces of evidence or identifiers before granting access (or authenticating them) to company systems. These identifiers can be passwords, knowledge-based questions, or one-time passwords (OTP) generators, mobile devices, etc. With MFA, even if passwords are stolen, it’s unlikely that the hacker also has the phone and OTP generator.

While MFA is valuable for all employees, it is critical for admins and privileged users who have elevated credentials to your systems and data. Hackers or suspicious actors who gain privileged credentials can access your most sensitive company and customer data. They can move laterally through your business network, evade detection and cause serious damage to a business reputation and put you in violation of compliance regulations.

When MFA is combined with a PAM solution, companies have a multi-layered approach to securing privileged accounts. The MFA solution works on the front end as an additional layer of user authentication. In the case of stolen credentials, MFA helps ensure that the person accessing the PAM solution is who they say they are. Once authenticated, the PAM software provides a one-time-use password to the desired systems. Using the principle of least privilege, PAM software can further restrict access rights for users, accounts, and computers/applications to only those resources required to perform their job effectively. Session manager capabilities also help identify inappropriate permissions, record each session for compliance and send alerts if the software notices any suspicious activity.

Considering the advantages, it’s no wonder Gartner recommends integrating PAM with MFA solutions for privileged accounts.

Integrating PAM with MFA 

XTAM for privileged management integrates with leading MFA solutions. XTAM supports RADIUS for authentication which most MFA providers utilize in their own solutions. Therefore many MFA products can be successfully integrated with XTAM. We offer direct integration with MFA offerings such as RADIUS, DuoSecurity, Google Authenticator, and Yubikey. More importantly, our development team will work with customers to support their specific MFA or 2FA provider.

Below is a list of resources to help with MFA configuration for PAM

Mark Klinchin

I am Co-Founder and CEO of Xton Technologies. I am interested in computers, software development, cyber security, content management, photography, image processing and mathematics.

Related Posts


Improving Database Security with Privileged Access Management

Cybercriminals and hackers want access to your most sensitive information and systems. Customer data, PPI, and company secrets are often kept in databases. With cyber threats on the rise, database security has never been more Read more…


The Challenge with Jump Servers and Privileged Accounts

A lot of companies rely on jump servers as part of their security strategy.  It’s common for a company to create a jump server for IT administrators to connect to SSH and RDP as part Read more…


Insider Abuse, Google and Privileged Users

Recent news reports found that Google fired dozens of employees from 2018 -2020 for abusing their access to company data. While insider abuse is not new, it is a growing threat and one that companies Read more…

Copyright © 2020 Xton Technologies, LLC. All rights reserved.