Content of Figures
Privileged Access Management (PAM) platforms are cybersecurity components that address the risks associated with the use of privileged access in companies across all sectors. It is recorded that most successful cyber-attacks involve the misuse of privileged accounts, and misuse is enabled by poor management using inadequate PAM software, policies, or processes. Some of the malicious activities that PAM must control are abuse of shared credentials, misuse of elevated privileges by unauthorized users, theft of privileged credentials by cyber-criminals and abuse of privileges on third-party systems.
A 2020 report1 stated that potentially malicious privileged access from an unknown source accounted for 74% of all privileged access anomaly behaviour detections. So even if the source turns out to be benign, time and resources are spent on verification that would be avoided by an up-to-date PAM installation. It is clear hackers are actively targeting privileged accounts as the best way to get inside an organization and increasingly use them to mount ransomware attacks. Therefore, PAM is an essential component in protecting organizations against cyber-attacks, malware distribution, phishing, and data exfiltration.
Traditionally, privileged accounts were mostly given to administrators who needed access to other user accounts to perform maintenance and upgrade tasks. Some other senior employees may have also been given elevated access rights for specific tasks. This is no longer the case as privilege management use cases extend across entire organizations, with users requiring task-based access to data, services and applications held on legacy and multi- cloud-based infrastructures. And of course, admins still need to perform those traditional privileged tasks!
This change has meant PAM software has developed considerably in the last few years. New and traditional vendors have responded well to demands for more advanced PAM capabilities suitable for the modern computing era.
Interest in Zero Trust Architecture (ZTA) designs and policies has grown. Buyers are increasingly aware that a well configured and up to date PAM platform can be an integral part of any such architecture.
However, the future of business operations will revolve around a new paradigm for highly dynamic IT architecture that melds multiple types of clouds with legacy networks on premises, partner networks and even, in some cases, mainframe installations. This Dynamic Entitlement Resource and Access Management (DREAM) paradigm is what the next iteration of PAM platforms (and other identity and data governance tools) must be engineered to fit; to deliver secure access and greater business value across a new generation of cloud resources.
These ultra-hybrid networks will test existing identity and security frameworks to their limit and call for solutions that provide rapid access to dynamic resources wherever they are held - to where they are required. This is the environment in which Micro Focus NetIQ Privileged Account Manager and other PAM platforms will be deployed into.
2 Product Description
UK based software vendor Micro Focus markets its core PAM platform under the NetIQ brand, a former acquisition, and part of the company\'s CyberRes se ...
One area we would like to see better addressed is support for DevOps and other agile Ops environments as capabilities remain limited to Ansible script ...Login Get full Access
3 Strengths and Challenges
Micro Focus has done well to improve the desirability of its PAM platform in recent years and it now sits among the Overall Leaders in the 2021 PAM Le ...Login Get full Access
4 Related Research
Architecture Blueprint: Access Governance and Privilege Management - 79045
Blog: PAM Can Reduce Risk of Compliance Failure but is Part of a Bigger Picture
Blog: Privileged Access Management Can Take on AI-Powered Malware to Protect
Blog: Taking One Step Back: The Road to Real IDaaS and What IAM is Really About
Market Compass: Data Governance Platforms -71137
Leadership Brief: Privileged Account Management Considerations - 72016
Leadership Compass: Identity Provisioning - 70949
Leadership Compass: Identity Governance & Administration - 71135
Leadership Compass: Privileged Access Management - 80636