Privileged Access Management (PAM) solutions are critical cybersecurity controls that address the security risks associated with the use of privileged accounts in organizations and companies. Traditionally, privileged users were mostly confined to various levels of IT administrator but in modern organizations many more users need access to privileged accounts, and the definition of what constitutes privileged has also changed. This now includes access to sensitive data and information assets such as HR records, payroll details, DevOps services, financial information or intellectual property, and even social media accounts.
In recent years, PAM solutions have become more sophisticated making them robust security management tools in themselves. While credential vaulting, password rotation, controlled elevation and delegation of privileges, session establishment and activity monitoring are now almost standard features, more advanced capabilities such as privileged user analytics, risk-based session monitoring, advanced threat protection, and the ability to embrace PAM scenarios in an enterprise governance program are becoming the new standard to protect against today’s threats
Among the key challenges that drive the need for privilege management are:
- Abuse of shared credentials
- Abuse of elevated privileges by unauthorized users
- Hijacking of privileged credentials by cyber-criminals
- Abuse of privileges on third-party systems
- Accidental misuse of elevated privileges by users
- The requirement to perform attestations on privileged users and admin accounts
- Discovery of shared accounts, software, and service accounts across the IT infrastructure
- Identifying and tracking of ownership of privileged accounts throughout their lifecycle
- Auditing, recording, and monitoring of privileged activities for regulatory compliance
So, while demands on PAM have increased, the type and size of organizations needing protection for privileged accounts is also changing rapidly. Smaller and specialist businesses realise that the number of privileged accounts is increasing as they adopt a more digital business model, or they are part of a supply chain that requires third party access to their own files and services. The pattern of increased home working due to Covid 19 in 2020/21 has created demand for privileged access from remote endpoints, which may not be secure as they should be.
PAM vendors are responding to all these changes in different ways, by adding more specialised modules to already comprehensive platforms while other, often newer, vendors are targeting one aspect of the PAM market demands such as securing DevOps. But as PAM requirements become more complex for organizations to manage on their own, vendors are also starting to deliver PAM as a service in which management, security and maintenance of privileged accounts can be undertaken by the vendor, usually as cloud based service or purchased from a third party MSP. While not exclusively, this solution often appeals to smaller businesses or larger enterprises seeking to run a hybrid PAM set-up with the SaaS solution used in specific LOBs. In this Executive View we look at ARCON PAM SaaS and how its fits into this growing market.