KuppingerCole Report
Whitepaper
By Matthias Reinwarth

PATECCO Privileged Access Management Services

Privilege Management is the set of critical cybersecurity controls that deal with the management of security risks associated with privileged access in an organization. Maintaining control over privileged users, extended privileges and shared accounts demands for a well-integrated solution, consisting of risk mitigation, well-defined processes und well-executed implementation.

1 Introduction

Traditionally, the management of identities and their access to IT systems within an organization have been split up within different disciplines. Bus ...

Login Free 30-day Select Access Get full Access

2 Highlights

  • Provides the KuppingerCole definition of Privileged Access Management.
  • Shows the integration of Privileged Access Management into an overall IAM a ...
Login Free 30-day Select Access Get full Access

3 Approaching Privileged Access Management from an Architechture Perspective

Privileged Access Management tools are designed to address scenarios such as use of shared accounts, monitoring of privileged activities and controlle ...

The building blocks are categorized as

  • indispensable (Core IAM),
  • complementary (Extended IAM) and
  • peripheral (Adjacent Areas of IT),

w ...

Login Free 30-day Select Access Get full Access

4 Privileged Access Management Solution: Functionalities and Capabilities

Privileged Access Management represents the set of critical cybersecurity controls that address the security risks associated with privileged users an ...

Login Free 30-day Select Access Get full Access

4.1 Basic and advanced PAM capabilites

Core functionalities of PAM tools include

  • Credential vaulting
    Technology and processes for the secure, audited storage of and access to passwords ...
Login Free 30-day Select Access Get full Access

4.2 Building blocks for PAM deployments

The following technologies and tools are important building blocks of today’s Privileged Access Management solutions. Depending on individual requir ...

Login Free 30-day Select Access Get full Access

4.3 Defining individual PAM landscapes

Regardless of the tool decision, the most important points are that Privilege Management is not mainly seen as a technical issue and that the customer ...

Login Free 30-day Select Access Get full Access

5 PATECCO Services for implementing Privileged Access Management solutions

Access to the resources and competencies of an experienced service provider can accelerate the implementation of a PAM project and its integration int ...

Login Free 30-day Select Access Get full Access

5.1 Gathering requirements

Being vendor neutral, PATECCO is in a good position to assist customers in shaping and scoping the overall PAM target landscape. Selecting the appropr ...

Login Free 30-day Select Access Get full Access

5.2 Identity Consolidation

The management of privileged identities and their access to critical systems only makes sense if all identities that are to be managed are unambiguous ...

Login Free 30-day Select Access Get full Access

5.3 Privileged Access Request

The central challenge for any privileged access management system is the use of a (minimum) four-eyes principle that uniquely identifies the requestor ...

Login Free 30-day Select Access Get full Access

5.4 Super User Privilege Management (SUPM)

PATECCO calls the ability to enable a "least privilege" access model for authorized users via authorization extension tools SUPM, Super User Privilege ...

Login Free 30-day Select Access Get full Access

5.5 Shared Account Password Management (SAPM)

When implementing PAM projects, PATECCO puts great emphasis on the protection of the assets of the respective organization. Shared accounts ought to b ...

Login Free 30-day Select Access Get full Access

5.6 Application to Application Password Management (AAPM)

A key design deficiency in programs that require automated access to critical systems (such as provisioning systems or other programs that use service ...

Login Free 30-day Select Access Get full Access

5.7 Summary of PATECCO Services for PAM implementation

PATECCO acts as a vendor neutral provider of value-added services and implements PAM solutions deploying products of market-leading PAM vendors, inclu ...

Login Free 30-day Select Access Get full Access

6 Recommendations

Privileged Access Management has grown from a merely basic and security discipline of limited scope to an important component in both IAM and enterpri ...

Login Free 30-day Select Access Get full Access

Copyright

©2019 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarksTM or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole Analysts, founded in 2004, is a global analyst company headquartered in Europe focusing on Information Security and Identity and Access Management (IAM). KuppingerCole stands for expertise, thought leadership, outstanding practical relevance, and a vendor-neutral view on the information security market segments, covering all relevant aspects like: Identity and Access Management (IAM), Governance & Auditing Tools, Cloud and Virtualization Security, Information Protection, Mobile as well as Software Security, System and Network Security, Security Monitoring, Analytics & Reporting, Governance, and Organization & Policies.

For further information, please contact clients@kuppingercole.com.

top