Securing privileged access through access management is vital because it\u00a0ensures that an organisation\u2019s people are only granted access to what they need to do their jobs, and only for the period for which they need it. Access management also allows security teams to be notified of malicious activities associated with privilege abuse and to subsequently react to remediate risk.<\/p>\n
A privileged account is a user account that has more privileges than an ordinary user. For example, they can read and modify the security-relevant configuration of a system, perform functions that can affect many users, and so on. As such, these accounts are the favourite of attackers (with 75% of organizations having experienced a breach\u00a0involving privileged access)\u200b and so need the maximum amount of security by a business.<\/p>\n
This webinar focused on securing access to IT assets such as servers. However, it is important to understand that secure access is also required in many other elements (such as applications) and that there are many different types of privileged access, making security not a one size fits all solution.<\/p>\n
Traditional security approaches used by organizations, including the traditional PASM solution, are not solely enough to secure privileged access from attackers because they do not address the 5 key questions that need answering for strong security, which are:<\/p>\n
\u00a0<\/p>\n
To address this issue, companies can improve the PASM solution<\/em> to make it more effective at securing privileged access. This is done by:<\/p>\n \u00a0<\/p>\n There runs the risk at project phase where admins reject the PASM solution because there was insufficient change management to onboard the admins on this solution from the start. To avoid this, onboarding and training admins on the PASM solution from the beginning is critical. Additionally, difficulty to deploy and cost can be a blocker of PASM solutions to organisations. Thus, the simpler the access model, the easier the solution will be to deploy and the less time it will take, meaning costs are reduced. Lastly, an on-premise PASM solution can run the risk of being very heavy and costly in terms of architecture so defining a SaaS solution would be beneficial. Although a thorough security solution, PASM solutions alone may not be the future of security solutions with the emergence of the ZSP strategy\u2026<\/p>\n Zero-standing privilege (ZSP)<\/strong> is an alternative security strategy that aims to replace persistent accounts and privileges with just-in-time and just-enough cases and can be applied at both the user and server level.<\/p>\n User level:<\/u><\/strong><\/p>\n ZSP applied at the user level increases the awareness of users, improves the traceability of organisations\u2019 operations, and helps limit the fat-finger risk.<\/p>\n Server level:<\/u><\/strong><\/p>\n\n
Are there any risks to PASM?<\/strong><\/h2>\n
\n