Book Demo!

The Privileged Account Management Landscape

Privileged Accounts Management (PAM) is an area that concerns itself with operations related to non-individual user accounts often used by machines for intercommunication or by admins to perform maintenance activities. Examples of such accounts include:

  • Accounts used by machines to communicate between each other;
  • Accounts shared by groups of people (external billing, corporate representatives);
  • Accounts for Database Administrators, database schema, application pool owners, global administrators;
  • Local computer accounts (root, administrator, tomcat, jenkins, jira);
  • Built-in IoT accounts (sensors, printers, routers, coffee machines, cameras, beacons).

The supplemental and distinctively different area of account management in a broader sense is Individual Accounts Management (IAM) function that focuses on managing accounts that belong to specific users. IAM functions include users and groups management, password policies definition and its enforcement, authentication and authorization to access certain resources like folders or network devices. User directories (such as Microsoft Active Directory) with related tool sets are the primary players on the IAM market. IAM is a good illustration of PAM boundaries in a sense that it operates in the area where PAM does not. Typical IAM use case involves multiple users and relatively few devices and services per user (likely a personal laptop with AD login that opens access to other necessary services) while a typical PAM use case involves relatively few users (likely administrators) accessing large number of disconnected services.

Typical PAM activities include the following

  • Remember, share and access privileged account passwords, keys or certificates based on permissions given to users or scripts;
  • Generate and automatically reset passwords based on policies (periodically or event-based after disclosing the password or after activities involving the account);
  • Provide access to devices without disclosing passwords by establishing interactive sessions to a remote computer;
  • Establish, record and share sessions while accessing remote console;
  • Discover unmanaged privileged accounts (one time or periodically scanning the network);
  • Execute scripts on managed devices and collect, analyze and manage the script execution results;
  • Save event logs about access and activities related to the managed privileged accounts.

The need in privileged accounts management program first appears in the organizations with high level of automation and many software services offered internally by the enterprise of consumed from the external entities. Born to address the early needs of a large company, typical privileged account management software tends to be bulky, niche, based on outdated technology often involving agents installed on hundreds of devices, expensive, significantly involving services during POC, implementation, and maintenance and typically out of reach of anyone but huge corporations.

Where Privileged Account Management Intersects with the Modern Software Landscape

However, modern software landscape with its proliferation of automation, B2B communication, distributed workforce, IoT, mobile access and cloud computing sets ambitious account security and access management requirements for every participant on the market. Whether a department administrator emailing a certificate to an offshore contractor, a developer commiting a script with a hard coded password to a source repository, or an accountant taking home a notebook with a list of shared billing portals accounts operate on a scale visible only to large corporate entities just several years ago.

This modern business environment creates a need for a simple to install and easy to maintain, agentless, fast in development to quickly address new situations, modern, affordable privileged account management system. Our mission is to make the world better connected and more secure.

Download Today!

Xton Access Manager is an unlimited, agentless, cross-platform privileged access management solution built from the ground up with an enterprise feature set. Simple to implement, without your typical enterprise cost and effort.

Xton Access Manager is now available for download. Please fill out this form to receive a download link to get started today, even on your current desktop or laptop. Documentation is available to help or you can email or call us to request a trial extension, discuss questions and share your feedback. We would love to talk to you.

    Please fill out the form below to download Xton Access Manager.

    What interests you most about Xton Access Manager?

    Trial registration may take up to 30 seconds to complete. Please do not Refresh this page after submitting.


    Mark Klinchin

    I am Co-Founder and CEO of Xton Technologies. I am interested in computers, software development, cyber security, content management, photography, image processing and mathematics.

    1 Comment

    Xton Session Management | Xton Technologies · July 20, 2017 at 9:54 am

    […] its heart Xton Special Account Manager is an RDP, SSH and VNC gateway to HTML5 that transmits its data over HTTPS protocol. We call it […]

    Comments are closed.

    Related Posts

    Industry

    Insider Abuse, Google and Privileged Users

    Recent news reports found that Google fired dozens of employees from 2018 -2020 for abusing their access to company data. While insider abuse is not new, it is a growing threat and one that companies Read more…

    Industry

    Is the Healthcare Industry Doing Enough Around Cybersecurity?

    Ransomware, phishing, and cyberattacks in the healthcare sector are increasing. In 2020, healthcare was a top industry targeted by cybercriminals. With the average cybersecurity attack costing $7 million, is your healthcare organization doing enough to Read more…

    Industry

    Improving OT Security

    The Colonial Pipeline cyberattack brings operational technology/OT security strategies to the forefront. According to a CSO article, it’s the lack of visibility into the security status of OT systems likely forced the shutdown of their pipeline Read more…

    Copyright © 2020 Xton Technologies, LLC. All rights reserved.