Security and risk management leaders recognize that disruption begins with privileged access, since it allows external attackers and malicious insiders to control organization resources, disable security systems and access vast amounts of sensitive data. Yet, as organizations increasingly adopt cloud-first strategies and implement DevOps methodologies, many are struggling to protect the widening attack surface, efficiently balance security and productivity and effectively address Privileged Access Management (PAM) risk.
Whether you are just getting started or planning more advanced PAM strategies to accelerate digital transformation, we believe Gartner’s new report, “Best Practices for Privileged Access Management Through the Four Pillars of PAM,”1 can serve as a valuable guide. In the report, Gartner outlines key challenges and makes recommendations that security and risk management leaders responsible for identity and access management should consider, including:
Track and secure every privileged account. Gartner states that “The discovery of privileged accounts is fundamentally important, because the existence of any unaccounted privileged access, for even a short time, carries significant risk.” Gartner further notes that “Privileged accounts used by people to log in interactively to software and devices for privileged task execution include: personal, privileged accounts, shared, privileged accounts, built-in, administrative accounts, such as local administrator and root, and privileged account used by software include: application-to-application credentials, service accounts, and credentials that can be embedded in code and stored procedures.”
Govern and control access. According to Gartner, “privileged access governance, understanding and implementing appropriate PAM access, requires two things: effective identity life cycle processes to ensure that all changes in accounts with privileged access are accounted for and proper tracking, accounting for every privileged account and what that account can access.” After mastering these, organizations can evaluate and install PAM tools to implement controls, such as granting Just in Time access across a set of privileged accounts as part of a phased approach.
Record and audit privileged activity. Gartner encourages organizations to use the following recommendation to define and implement your approach to recording, auditing, and alerting: “Notable PAM activity that should generate alerts includes failed login attempts for privileged accounts; privileged access that bypasses PAM tools; and unusual access activities, such as abnormal times or places.”
Operationalize privileged tasks. Organizations that have already invested in PAM should look for opportunities to extend the value of their tools to accelerate digital transformation initiatives – from DevOps to robotic process automation. Gartner recommends “good targets for automation are predictable and repeatable tasks, such as simple configuration changes, software installations, service restarts, log management, startup and shutdown.”
For an in-depth look at these recommendations, download a complimentary copy of the Gartner report.
Top 10 Security Projects for Security and Risk Management Organizations
According to Gartner, “by 2022, 90 percent of organizations will recognize that mitigation of PAM risk is a fundamental security control, which is an increase from 70 percent today.”* Is PAM a top security priority for your organization?
In our on-demand webinar, “Top 10 Security Projects for Security and Risk Management Organizations,” featured presenter Gartner VP and Distinguished Analyst Neil MacDonald outlines a risk-prioritized approach that places an emphasis on technology projects that maximize risk reduction for the resources required to deploy them. Register here to explore five of Gartner’s top security recommendations – including PAM.
1Gartner. “Best Practices for Privileged Access Management Through the Four Pillars of PAM.” Michael Kelley, Felix Gaehtgens. 28 January 2019.