KuppingerCole Report
By Paul Fisher

PAM for Managed Service Providers as an Added Value and Security Option

Privileged Access Management (PAM) is an essential component in protecting organizations against cyber-attacks, ransomware, malware, phishing, and data leaks. No longer a tool for protecting admin accounts only; privilege management now extends across the entire organization, from on-premises and cloud infrastructure to every user, no matter where they are working from, or what they are accessing. To assist with this, Managed Service Providers (MSP) are increasingly offering PAM capabilities to their portfolio. This Whitepaper examines the options for MSPs and their customers in the market for PAM as a Service.
By Paul Fisher

Commissioned by ARCON

1 Introduction / Executive Summary

PAM software and tools have traditionally been installed and run on-premises by the organization itself. In recent years, the growth in identities operating across cloud and digital services has seen vendors offering cloud-based PAM solutions to assist with this growing complexity and concomitant security challenge.

This experience in cloud-based platforms has led some vendors to offer complete PAM solutions that can be run as a service by Managed Service Providers, in order to protect existing services and client secrets. The advantage to MSP clients is that the heavy lifting of deploying a PAM solution falls to a third party, governed by strict contractual agreements. The result should be flexible, scalable and be automatically updated by the MSP. The security and compliance pressures on organizations is leading more to rely on MSPs for critical access and security functions to ensure business continuity.

2 Highlights

  • MSPs have become an established part of the IT landscape in recent years as businesses look to outsource technical functions normally operated on ...

Login Get full Access

3 The need for Privileged Access Management

PAM platforms are critical cybersecurity controls that address the security risks associated with the use of privileged access in organizations and co ...

Login Get full Access

3.1 Some good reasons why MSPs should consider PAM

Small and medium-sized businesses (SMBs) with limited in-house IT resources are often MSP customers but are likely to process sensitive data. Larger e ...

Login Get full Access

4 The PAM challenge as laid down for MSPs

Adding a PAM layer around existing Managed Services, whatever they may be, is fully sensible but implementing this layer is not without challenges for ...

Login Get full Access

4.1 Key capabilities for PAM to protect MSP client data and services

Efficient operations management and dashboards

Any MSP should have full oversight of Privileged Access Management across all its tenants, no matter ...

Login Get full Access

4.2 ARCON PAM solutions designed to run as a service

Founded in 2006 and based in Mumbai (India), ARCON offers its Privilege Account Management Suite to manage privileged access across various delivery m ...

Login Get full Access

4.2.1 ARCON SaaS in use

ARCON has based all set up and configuration around a dedicated cloud portal that allows customers or partners to create the set up best suited to the ...

Login Get full Access

5 Recommendations

KuppingerCole recommends the use of an MSP for many IT and security functions in specific circumstances and by extension we welcome the growth of PAMa ...

Login Get full Access

5.1 Recommendations for Managed Service Providers

Understand the PAM market

Managing privileged accounts on behalf of clients is a big responsibility. Do not enter this market blind or list PAM capa ...

Login Get full Access

5.2 Recommendations for clients

Do your research

Handing over responsibility for Privileged Access Management to a third party is a big deal and involves hight levels of trust. Whe ...

Login Get full Access


©2021 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole, founded in 2004, is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as for all technologies fostering Digital Transformation. We support companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges and make better decisions for the success of their business. Maintaining a balance between immediate implementation and long-term viability is at the heart of our philosophy.

For further information, please contact clients@kuppingercole.com.