Share:
PAM offer
Why is privilege access management (PAM) essential to any cybersecurity plan?
More than ever, the digital transformation of companies is accelerating and affecting all sectors of activity.
In this context, which favors the move to the Cloud, the explosion of connected objects and the democratization of telecommuting, the information system assets of companies have become increasingly rich, complex, decentralized and above all vulnerable to new forms of cyberattacks.
Indeed, the most critical and widespread of these are the vulnerabilities that allow hackers to elevate their privileges. According to the latest Verizon report "Data Breach investigations 2020", 80% of attacks involve the use of lost or stolen credentials. To protect against these cyberattacks, it is essential to map, control and monitor privileged access to critical corporate resources.
What is privileged access?
Privileged access refers to the end-to-end connection chain initiated by an internal or external actor using privileged credentials and having the necessaryauthorizations to manage critical resources/services hosted in the cloud, on-premise or hybrid.
This new way of looking at privileged access extends the PAM scope to new dimensions and new use cases:
The maintenance actions carried out by the support teams of a software publisher, industrial constructor or info-manager;
Securing the device - end-point - used by internal administrators to manage resources;
A post made by a community manager on the company's social networks is also considered as a high-privileged access (in case of malicious misuse of these accesses, the company could suffer significant damage to its e-reputation);
The implementation of rights management through the "Least Privilege" principle - both on the desktop and on infrastructure elements. This approach provides users with the ability to elevate their privileges in a controlled, ad hoc manner for business needs that are clearly defined through a security policy. In this way, the management of the least privilege makes it possible to remove the users' administrative rights on the Digital Work Environment;
With the generalization of DevOps approaches, the PAM must also be understood at the non-human access, API keys, SSH, Secret Devops, etc. are all entry points to be controlled on the Information System of the company.
What is Privileged Access Management (PAM) and security?
Securing privileged access consists of setting up a governance, organization and technological ecosystem for managing privileged access.
The objective of this ecosystem is to control privileged access through :
- Discovering and securing privileged credentials (accounts and passwords) in a central, shared vault: administration account, service account, machine account (IoT & DevOps platform), maintenance & support account, etc. ;
- Logging of connection sessions to ensure thorough traceability of administration actions and accountability of actions in case of use of shared accounts by several actors;
- Centralization of authorizations for access to critical resources to ensure the principle of least privilege;
- Enforcement of a password policy: implementation of automatic and periodic password rotation for privileged accounts;
- Centralizing access to resources through the Bastion - or proxy - functionality to establish a protocol break.
Other functionalities can be added to this vision, such as: the reporting capacity or the implementation of a process to request privileged access on a temporary basis.
The PAM solution at the heart of the Information System
Considering the PAM solution as a technical solution isolated from the rest of the Information System would be a serious mistake. It is important tointegrate itwith the rest of the Information System in order to build a 360° identity ecosystem without silos.
The PAM solution must be able to :
- Transfer actionable traces to SIEM systems (IBM Qradar, Splunk, etc.);
- Delegate authentication and support strong authentication from an Access Management solution (Okta, Ping, Ilex, etc.);
- Consume provisioning orders for automatic account creation or upload authorizations to IGA solutions (One Identity, Sailpoint, Saviynt, etc.) for recertification campaigns;
- Interface with CMDB solutions to industrialize the recognition of new assets.
Most of the solutions on the PAM market (Wallix, CyberArk, BeyondTrust, Delinea) are following this direction by offering standard connectors and opening access to their APIs.
How does Synetis support its customers in the deployment of a PAM strategy?
Synetis offers different types of support, adapted to the level of maturity, the level of support and the desired budget:
Privileged account governance at Synetis
More than 15 consultants dedicated to Privileged Access Management;
Active partnerships with major market players such as BeyondTrust, CyberArk, Delinea and Wallix;
Technical certifications acquired from the editors;
A cross-functional vision including integration with Access Management or Identity Governance and Administration solutions;
More than 100 projects delivered over the last 5 years for organizations of all sizes, projects of all types (scoping, audit, integration, TMA, CDS) - with a commitment to results or means.
You might be interested in these articles:
