Share :
PAM offer
Why is privilege access management (PAM) essential to any cybersecurity plan?
More than ever, the digital transformation of companies is accelerating and affects all sectors of activity.
Against this backdrop of a move to the cloud, the explosion of connected objects and the democratization of teleworking, companies’ information system assets have become increasingly rich, complex, decentralized and, above all, vulnerable to new forms of cyber-attack.
Indeed, the most critical and widespread of these are the vulnerabilities that enable hackers to elevate their privileges. According to Verizon’s latest “Data Breach investigations 2020” report, 80% of attacks involve the use of lost or stolen credentials. To guard against these cyberattacks, it is essential to map, control and supervise privileged access to critical corporate resources.
What is privileged access?
Privileged access today refers to the end-to-end connection chain initiated by an actor inside or outside the enterprise, using privileged credentials andempowered to manage critical resources/services hosted in the cloud, on-premise or hybrid.
This new way of considering privileged accesses extends the PAM perimeter to new dimensions and new use cases:
Maintenance actions carried out by the support teams of a software publisher, industrial manufacturer or IT manager;
Securing the end-point device used by internal administrators to manage resources ;
A post made by a community manager on the company's social networks is also considered high-privilege access (in the event of malicious misuse of this access, the company could suffer serious damage to its e-reputation);
The implementation of "Least Privilege" rights management - both on the workstation and on infrastructure elements. This approach provides users with the ability to elevate their privileges in a controlled, ad hoc manner for business needs clearly defined through a security policy. In this way, Least Privilege Management makes it possible to remove users' administrative rights to the Digital Working Environment ;
With the spread of DevOps approaches, PAM must also be understood in terms of non-human access: API keys, SSH, Secret Devops, etc. are all entry points to be controlled on the company's Information System.
What's involved in securing and managing privileged access (PAM)?
Securing privileged access consists in implementing privileged access management governance, organization and technology ecosystem.
The aim of this ecosystem is to control privileged access through :
- The discovery and securing of privileged credentials (accounts and passwords) in a central, shared vault: administration account, service account, machine account (IoT & DevOps platform), maintenance & support account, etc. ;
- Logging of connection sessions to ensure in-depth traceability of administration actions and accountability of actions when shared accounts are used by several players;
- Centralize authorizations for access to critical resources to ensure the principle of least privilege;
- Application of a password policy: automatic and periodic password rotation for privileged accounts;
- Centralized access to resources through Bastion - or proxy - functionality to establish a protocol break.
Other functionalities can be added to this vision, such as reporting capabilities or the setting up a process for requesting privileged access on a temporary basis.
The PAM solution at the heart of the Information System
It would be a serious mistake to consider the PAM solution as a technical solution that is compartmentalized from the rest of the Information System. It is important tointegrate itwith the rest of the Information System, in order to build a 360° identity ecosystem without silos.
The PAM solution must absolutely be able to :
- Transfer usable traces to SIEM systems (IBM Qradar, Splunk, etc.);
- Delegate authentication and support strong authentication from an Access Management solution (Okta, Ping, Ilex, etc.);
- Consume provisioning orders for automatic account creation or upload authorizations to IGA solutions (One Identity, Sailpoint, Saviynt, etc.) for recertification campaigns;
- Interface with CMDB solutions to industrialize the recognition of new assets.
Most solutions on the PAM market (Wallix, CyberArk, BeyondTrust, Delinea) are moving in this direction, offering connectors as standard and opening up access to their APIs.
How does Synetis support its customers in deploying a PAM strategy?
Synetis offers different types of support, adapted to the level of maturity, the level of support and the desired budget:
Expertise and scoping to help formalize use cases and requirements, help choose the right solution and define a PAM target, as well as a pragmatic project plan to reach it.
Customized deployment of solutions with a commitment to results, based on a seasoned methodology inspired by the agile approach.
An “off-the-shelf” PAM offering, adapted for rapid initial deployment and easy familiarization (with a clearly defined technical and functional scope).
A team of experts in the market’s PAM solutions to support deployment or operate solutions on integration.
The governance of Synetis' privileged accounts
More than 15 consultants dedicated to Privileged Access Management ;
Active partnerships with major market players such as BeyondTrust, CyberArk, Delinea and Wallix;
Technical certifications acquired from publishers;
A cross-functional vision, including integration with Access Management or Identity Governance and Administration solutions;
More than 100 projects delivered over the last 5 years for organizations of all sizes, for projects of all kinds (scoping, audit, integration, TMA, CDS) - with a commitment to results or means.
