

GigaOm Radar for Privileged Access Management – Gigaom
source link: https://gigaom.com/report/gigaom-radar-for-privileged-access-management/

Summary
Privileged credentials (administrator rights) are a top target for attackers from outside the organization, or even from among unhappy staff within, because of the access they provide. A Privileged Access Management (PAM) solution is implemented to reduce or remove the need for humans to know these privileged credentials, and to reduce the chance that they might be misused.
The PAM system becomes the keeper of all privileged credentials, with policies that allow specific identified individuals access to use the appropriate credentials. To be the single source of privileged access, your PAM needs to support all of the authentication sources you use and all of the target systems to which elevated access permission is required. User acceptance is also important, and so the PAM solution should support or improve existing methods of accessing privileged systems, otherwise authorized staff will seek ways around the PAM solution.
A basic function of the PAM is to maintain an encrypted vault with the privileged credentials and other protected resources. Logging and session recording are crucial PAM features, and they allow auditing of privileged actions and forensic analysis after a privilege misuse event. Simply having logs and recordings is not sufficient; searchability is crucial for validating compliance and identifying the scope of any malicious access. Ideally, these logs would integrate into wider security analysis tools in a more holistic security approach.
Often, the PAM platform will act as a proxy or jump host to connect the unprivileged network where users operate to the privileged network that requires managed privilege credentials. The proxy function may support native tools, such as SSH or RDP gateway, or it may provide an HTML5 browser-based interface. The proxy may be part of the main vault application, or it may be deployable as a separate server, and can access the PAM vault as credentials are required. The separation of vault and proxy is essential when the PAM is used to bridge different trust levels such as internet-based privileged access, or any multi-tenant deployment such as PAM as a Service.
No matter how secure a PAM system is, there is always a risk of unintended disclosure of credentials or authorized staff who misbehave, whether accidentally or maliciously. Behavior analytics is a common method used to identify access that is being exploited inappropriately, and is commonly integrated with a PAM solution. Ideally, the user behavior analytics would be able to identify the individual user’s actions both with their own credentials and using the PAM to exercise privileged credentials.
How to Read this Report
This GigaOm report is one of a series of documents that help IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:
Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.
GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.
Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.
Full report available to GigaOm Subscribers.