The Seven Keys to a Successful Privileged Account Management Strategy
- LANGUAGE: English DATE: Tuesday, November 17, 2015 TIME: 4:00pm CET, 10:00am EST, 7:00am PST
How can IT professionals successfully walk the thin line between protecting their organization's critical data and at the same time enable users and administrators to work productively? First of all, it is absolutely important to control, monitor, and audit privileged access in order to mitigate the risks posed by insider threats, prevent data breaches, and meet compliance requirements.
The key disciplines to developing a strategy for effective Privileged Account Management (PAM) are the management and automatic rotation of password, least privileged access, vulnerability integration, centralized reporting and analytics, directory bridging and, last but not least, auditing and protection. This combined strategy enables complete visibility into all user activity and controls identities, not only at the privileged level using a password management solution, but also down to every user identity. Regardless of the system.
In this KuppingerCole Webinar, we will discuss:
Where many privileged account management strategies fall short
How a comprehensive and centralized PAM solution could lower cost of ownership and simplify security policy enforcement
The top 7 PAM capabilities and best practices
In the first part of this webinar, Alexei Balaganski, Senior Analyst at KuppingerCole, introduces the concept of PAM, which, with increasing deperimeterization, has become increasingly important for nearly every business. Privileged insiders’ accounts are today the primary target for attacks. Holistic PAM approaches go beyond password vaulting by providing contextual security solutions.
In the second part, Morey Haber, VP of Technology at BeyondTrust, will give advice on where to begin a privileged account management project, how to progress to a higher level of security maturity, and what business outcomes to expect.
As users, devices and application workloads move outside the corporate network, the traditional model of enforcing security at the network perimeter is no longer effective. A Zero Trust model offers an alternative that secures data while ensuring it is accessible to employees, regardless of where they are working. But the path to achieving Zero Trust is unclear for many organizations.