Are you trying to implement a Zero Trust architecture in your environment? A critical component of Zero Trust is making sure you cover your privileged users, who these days go well beyond system administrators. Join Michael Dullea, Head of Product Management for Symantec PAM, as he discusses how the combination of proxy-based and agent-based privileged access management approaches offers complementary capabilities needed to achieve zero trust access to the accounts that hold the keys to your kingdom. Understand why the traditional proxy-based approach just isn't good enough, and how PAM technologies need to integrate with endpoint, network, and information security controls to provide better protection for your data.
So, let me start by just talking about what zero trust is for those of you who aren't familiar with zero trust. Zero trust is a security principle and architecture that first came to light several years back from an analyst, another analyst in the industry who coined the term, but it didn't really gain any traction in the industry until very recently, until we had technologies that really sort of matured and, and were able to sort of offer capabilities that fit well into this, into this idea, into this security model.
So at its core, what zero trust is, is it's a data-centric security architecture centered on the belief that you should not trust anything or anyone, whether it's inside or outside of your perimeters. So zero trust, you have to verify everything that tries to connect to your resources, whether it's humans or non-humans. So an application, for example. And so your authorization to this connection is based off of the content and overall trustworthiness. So what I mean by that is, do you trust the identity? Is the context there?
So, you know, if they're trying to connect, do you understand why they're trying to connect? And then lastly, do they have a history of trustworthiness? And if they do, and you've granted this access, then that's great. But then the last piece to this puzzle is now you want to enforce least privileged access. And so this is key, especially for trying to mitigate around insider threats or mitigate around potentially a compromised device. Right?
So, so zero trust is, is basically don't trust anybody or anything, whether it's outside of your network or inside of your network. And I'm gonna, I'm going to just throw out a couple of scenarios for you that I think we, we should all think about and, and really think about how this fits in, because I think it fits very well into this type of, of approach this type of model. So number one is migrating your business to the cloud. We know over the past several years that the, the migration of workloads and, and applications over to the cloud has increased significantly.
And so what that means is that, you know, the perimeter, the network perimeter, as we, as we call it, it has become incredibly fluid and dynamic. And it's no longer really a, a static entity because there's been a seismic shift in migrating these workloads over to the cloud.
So, you know, things like the Internet of Things has gained in popularity as well. Mobile access, as we all know, has, has gained significantly in popularity, as well as this geo-distributed workforce. And so as such the adoption of SaaS applications has really taken hold within our, our businesses as companies, enterprises are really looking to scale their applications and reduce costs. So now we have files, documents, emails that are out in the cloud today, right, with applications like Office 365. And so our infrastructure now extends to hybrid architectures.
It's no longer on-premise architecture. It is, it is a mix, right? A hybrid of on-premise architecture with various cloud platforms like Amazon, AWS, for example, or Microsoft Azure or, or Google Cloud, which we've seen personally, just a big spike in interest over the last I'd say year or so. And so with this new world, this new modern architecture that we're now seeing, what that ultimately means is that we now have an expanded surface area for attack, right?
And so now gaining privileged access in an environment like this now carries significantly more risk, significantly more weight, because when you think about, you know, a privileged credential in your hybrid expanded hybrid environment, a credential, which is essentially the keys to the kingdom, you think about what they can do now in that type of environment, it's much more risky, much more damaging than in the past.
And, and we all know if you go back, if you go back over the past, let's say five years, and you look at all of those publicized data breaches, inevitably in almost every single case, it's going to involve a compromised, privileged account, right? So it is critical, critical when you're talking about the zero trust framework that you are focusing on and keeping in mind that privileged account and making sure that you are really controlling access and understanding who is requesting that access and what they're trying to do.
And once you allow that, to ensure that that's the only thing that they're doing with that account, enforcing that least privilege. Second scenario, and, and this is as relevant today as it's ever been, as we all know, is this shift to an anywhere, any-device type workforce. And if you look at the statistics before COVID-19, you know, 31% of our workforce was what we would say working from home on a regular basis. And now with COVID-19, now that we're in the middle of this pandemic, you know, naturally that percentage has spiked significantly, right?
And it's 88% and that's probably even conservative, but it's 88% of our workforce is now working from home on a regular basis. And so that has a lot of ramifications for how we, how we operate and ensuring that we're operating securely. And so we have to ask the question when this, when this pandemic is over, what is the new world gonna look like? Are we gonna go back to what it was before COVID-19? Is it gonna be more like 31% of our workforce working from home? Or is it gonna be closer to what we're seeing today with 88%?
Because I know a lot of companies are realizing that, you know, you can still maintain a level of operational efficiency by having all of your employees or most of your employees working from home. That's great, but are we positioned to operate in that fashion securely for the long term?
And, you know, we hope the answer, we hope the answer is yes. But in order to do that, I would, I would argue that you would need something like a zero trust framework or architecture in place within your organization to be able to do this in the long term. So how does, how, how does the privileged access management capability sort of fit into this zero trust platform or framework? It does in a number of ways. And if you look at it, you know, let's start with the data, and that's ultimately what we're trying to protect, right?
Your company's data. And PAM technologies, at the heart of it, what we are controlling, privileged access to privileged accounts, they can ultimately gain hold of that data. And so the, the technology itself is managing and controlling all of that access and monitoring all of that access with the ultimate goal of protecting that data. Number two is the people, right? So technologies can enforce multifactor authentication to make sure that only authorized users can access privileged accounts, making sure that the people that are requesting that access, verifying that they are who they say they are.
Number three is devices. We have PAM technologies today that can validate devices that are attempting to use the privileged account. And if it's an unknown device or it's an unusual request, we can prevent that authorized access. So really truly understanding what it is, who it is that are trying to access this. Number four is the networks. The PAM technologies today protect access to the devices that actually safeguard your network and your perimeter, which is key.
If somebody were to gain access to one of those types of devices, you can, you can imagine the type of malicious damage they could perform with that kind of access. Number five is, is the workloads. I talked a little bit about the migration of cloud workloads or workloads into the cloud. And you think about, you know, how DevOps over the last four years or so has really been ingrained in, in organizations and companies and, and, you know, being able to automate those DevOps tool chains and those cloud workloads through something like secrets management, for example, right?
I mean, PAM technologies play very well into DevOps environments and protecting those secrets, locking down those secrets. So it's, it's a, it's a perfect technology for that type of environment. And then the last thing I wanna say is, is automation and analytics. I think this is an area in particular that has matured very well over the last few years.
You know, the analytics component really in the marketplace today in this space today has gotten very mature in that, you know, we, we can understand what we would consider normal user behavior, and more importantly, understand what is unusual or abnormal behavior, and then perform actions off of that, right? So the automation component comes into play here where you can automatically mitigate against some potential threat that's going on based off of the analytics that, that you've uncovered.
And, and the analytics component is a core piece of, of PAM technologies today. Okay. So just spending a minute to talk about our product set and how, how this fits very well. So Symantec Privileged Access Management, and for those of you not aware, you know, this was previously CA Privileged Access Management. We were recently acquired by Broadcom, who then acquired Symantec. So there's been a little rebranding going on, but the technology is, is the same.
And it is Symantec Privileged Access Management that we, we have all the capabilities designed to prevent data breaches by protecting privileged credentials, controlling privileged access, monitoring and recording all that user activity across your hybrid enterprise. It's no longer just an on-prem deployment.
It's, it's always a mix of an on-prem and cloud footprint as well, but you have to make sure that you protect the entire hybrid enterprise. And capabilities that we have today around privileged access management are, you know, obviously the credential vaulting, which is critical to any PAM solution; session recording for auditing purposes as well; user behavior and risk analytics, which is, I'd say, one of our key unique areas where we have the ability to proactively mitigate against any medium or high risk activity that we identify.
Host-based access control is another unique element of our solution, where we can offer very fine granular level of access control by having an agent software that is deployed on that target system or server itself. So that if an administrator, Bob, for example, is using a privileged account and he's on that server, our software will make sure that he's only performing the activity that he's allowed to do as defined by his role.
If he tries to perform something that's outside of his role, but it's outside of that least privileged access, we will actually intercept that command and block it from occurring. So that, that's where that least privileged access concept of the zero trust framework really comes into play here. Automated application password management.
You know, it's not just humans that are leveraging these types of privileged accounts. It's non-humans as well: applications, scripts, RPA, robotic process automation, bot technologies, lots of different things need access, need privileged accounts. And you wanna make sure that all of those things are, are, are being managed by a PAM solution. And then of course, as I mentioned, the hybrid environment, right, this has to, this has to be a solution that spans your entire hybrid enterprise, not just a portion of your enterprise.
All of this is complemented within our Symantec portfolio by other critical capabilities needed, necessary for the zero trust framework, like EDR, endpoint detection and response; cloud-based technologies like the CASB, cloud access security broker; Secure Access Cloud; authentication with our VIP product; data loss prevention and protection; and advanced threat protection as well. And it's all driven by a very comprehensive analytical platform and all, you know, integrated with an integrated cyber defense platform as well.
So I think the Symantec portfolio plays very well into this type of framework with, with those capabilities. So our approach to zero trust security is, is really to give you all of those capabilities together. It's an integrated approach that allows you to embrace and enforce the new architecture, new security model. So you have users, devices, both managed and unmanaged, trying to connect and gain access, and our capabilities can be used to ensure that the endpoints are secure, used to ensure that the authentication is there,
they are who they say they are. We have continuous verification, real-time inspection, and a very comprehensive analytical platform for risk-based adaptive policy. And our PAM solution fits very well at the heart of this model for controlling the privileged access and ensuring the privilege, least privileged access is enforced. And so a, a platform approach overall beats point solutions. And it does so because it has the integrations in place that can ultimately deliver improved security outcomes.
It reduces the operational complexity because of this single platform, single set of technology approaches, and provides a better visibility for auditing and compliance altogether with one unified, one unified view. And then our Symantec Privileged Access Management value proposition here is that number one, it's the most efficient solution out there today, giving you the ability to manage and audit your privileged access activity from a single console. It has the most value with a very low total cost of ownership. It's an all-in-one appliance that can be quickly deployed for fast time to value.
And it gives you comprehensive layers of PAM protection, offering both coarse and fine controls from a single platform. And so I know we had a short window. I see it looks like my time was up on the screen there. I wanna thank you all for attending and, and listening to me in today's session, you know, I will be around and, and, and on logged into that, the Casey lab platform, I'm happy to answer any questions that you may have. So thank you very much for attending today's session.