KuppingerCole Report
Buyer's Compass
By Paul Fisher

Privileged Access Management

Privileged Access Management (PAM) is one of the most important areas of risk management and security in any organization. Privileged accounts have traditionally been given to administrators to access critical data and applications. But, changing business practices, agile software development and digital transformation has meant that users of privileged accounts have become more numerous and widespread. To reduce the risk of privileged accounts being hijacked or fraudulently used, and to uphold stringent regulatory compliance within an organization, a strong PAM solution is essential.
By Paul Fisher
pf@kuppingercole.com

Content of Figures

  1. Figure 1 The PAM market is seeing dynamic growth as vendors seek to add better functionality to meet security challenges and more players enter the market.
  2. Figure 2 Advanced PAM elements. As the market demands have developed vendors have added more functionality to their solutions.

1 How to Use the Buyer´s Compass

This KuppingerCole Buyer’s Compass on PAM solutions provides information about

  • Use Cases
  • Functional Selection Criteria
  • Non-functional Selectio ...
Login Free 30-day Select Access Get full Access

2 Market Segments Defined

Privileged Access Management (PAM) solutions are critical cybersecurity controls that address the security risks associated with the use of privileged ...

With the attack surface expanding and the number of attacks increasing every year, an integrated and more comprehensive PAM solution is most often req ...

At KuppingerCole, we classify the Privileged Access Management (PAM) market into the following key technology functions with PAM vendors providing var ...

Login Free 30-day Select Access Get full Access

3 Top Six Use Cases for PAM

The top six use cases for PAM are listed below in table I.

Use Case Description
Cyber Security Hackers and cyber criminals have ...
Login Free 30-day Select Access Get full Access

4 Top 20 Selection Criteria - Functional

When looking at products in detail there are often hundreds of different criteria to be evaluated. However, there are some criteria that are of higher ...

Login Free 30-day Select Access Get full Access

5 Top 10 Selection Criteria - Non-functional

Aside from the functional selection criteria listed above, there are several non-functional criteria to consider when deciding on PAM. Table III lists ...

Login Free 30-day Select Access Get full Access

6 PAM Selection Criteria and Use Cases Matrix

Having identified the most important use cases and selection criteria for vendors in PAM, this section provides a matrix that maps use cases and funct ...

KuppingerCole Advisory Services can support you with adapting criteria to your specific requirements and further services around selecting the appropr ...

Login Free 30-day Select Access Get full Access

7 Top 5 Prerequisites - Technical

Privileged Access Management cannot be isolated from other areas of IT Security. Thus, there are some technical prerequisites that should be met befor ...

Login Free 30-day Select Access Get full Access

8 Top 10 Prerequisites - Organizational

Success in PAM rollout depends not only on the technology selected; there are also various organizational prerequisites. The following table lists the ...

Login Free 30-day Select Access Get full Access

9 Top 10 Prerequisites to ask the PAM Vendors

Aside from asking for specific features, there are some more questions that are worth asking vendors. The following questions help in understanding th ...

Login Free 30-day Select Access Get full Access

10 Related Research

Advisory Note: Trends in Privileged Access Management for the Digital Enterprise – 71273
Architecture Blueprint: Access Governance and Privilege Management – 79045
Blog: PAM Can Reduce Risk of Compliance Failure but is Part of a Bigger Picture
Blog: Privileged Access Management Can Take on AI-Powered Malware to Protect
Blog: Taking One Step Back: The Road to Real IDaaS and What IAM is Really About
Leadership Brief: The Information Protection Life Cycle and Framework: Acquire and Access – 80371
Leadership Brief: The Information Protection Life Cycle and Framework: Control Access -- 80372
Leadership Brief: Privileged Access Management Considerations – 72016
Leadership Brief: Identity Fabrics – Connecting Anyone to Every Service – 80204
Leadership Brief: Leveraging Identity Fabrics on Your Way Towards Cloud Based IAM -- 80501
Leadership Compass: Identity Provisioning – 70949
Leadership Compass: Identity Governance & Administration – 71135
Leadership Compass: Privilege Management – 80088
Whitepaper: AI, Machine Learning and Privilege Access Management – 80120
Whitepaper: Digital Transformation for Business Enablement Requires a Modern Identity Fabric -- 80165
Whitepaper: Privileged Access Requirements for Small to Medium Size Businesses (SMB) – 80123
Whitepaper: Understanding Privilege Access Management – 80302

Copyright

©2020 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarksTM or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole, founded back in 2004, is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as for all technologies fostering Digital Transformation. We support companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges and make better decisions for the success of their business. Maintaining a balance between immediate implementation and long-term viability is at the heart of our philosophy.

For further information, please contact clients@kuppingercole.com.

top