Privileged Access Lifecycle Management (PALM) is a technology architecture framework consisting of four continual stages running under a centralized automated platform: Access to privileged resources, Control of privileged resources, Monitoring of actions taken on privileged resources, and Remediation to revert changes made on privileged IT resources to a known good state.
1. Access

Access includes the process of centrally provisioning role-based, time-bound credentials for privileged access to IT assets, to facilitate administrative tasks. The process also includes automation for approval of access requests and auditing of access logs.
2. Control

Control includes the process of centrally managing role-based permissions for tasks that can be conducted by administrators once granted access to a privileged IT resource. The process also includes automation for approval of permission requests and auditing of administrative actions conducted on the system.
3. Monitor

Monitor includes audit management of logging, recording and overseeing user activities. This process also includes automated workflows for event and I/O log reviews and acknowledgements and centralized audit trails for streamlined audit support and heightened security awareness.
4. Remediation

Remediation includes the process of refining previously assigned permissions for access and/or control to meet security or compliance objectives, and the capability to centrally roll back system configuration to a previous known acceptable state if required.

Automation of the Privileged Access Management Lifecycle includes a central unifying policy platform coupled with an event review engine that provides controls for and visibility into each stage of the lifecycle.

| Security | Compliance |
|---|---|
| Privileged Access is critical for smooth ongoing administration of IT assets. At the same time, it exposes an organization to security risks, especially insider threats. The BeyondTrust solution is unique as it provides centralized visibility into policies as well as actions (audit logs) related to privileged access and control, ensuring complete awareness of the security posture at each stage of the Privileged Access Management Lifecycle. | Privileged Access to critical business systems, if not managed correctly, can introduce significant compliance risks. Segregation of duties, for example, is a typical compliance requirement that the BeyondTrust solution elegantly addresses through automated workflows for policy approvals. The ability to provide an audit trail across all stages of the Privileged Access Lifecycle Management is critical for compliance, and is often difficult to achieve in large complex heterogeneous IT environments. The BeyondTrust solution aggregates audit trails across multiple systems to simplify and automate the audit review process for compliance support. |

| Reduced Complexity and Management Costs | Heterogeneous IT coverage and Investment Protection |
|---|---|
| Effective Privileged Access Lifecycle Management in large heterogeneous environments with multiple administrators, managers and auditors can be an immensely challenging task. The BeyondTrust solution significantly reduces the complexity and costs associated with the Privileged Access Lifecycle Management by providing a central automation platform for policy creation and event reporting for each stage of the Lifecycle. | BeyondTrust provides a solution for Privileged Access across a broad range of platforms including Windows, UNIX, Linux, AS/400, Active Directory, databases, firewalls, and routers/switches. With the acquisition of BeyondTrust, BeyondTrust provides a solution for Privilege Controls for Unix Servers as well as Windows Desktops. BeyondTrust plans continued expansion of Privilege Controls to other platforms and devices, as well as Remediation capabilities for heterogeneous environments, ensuring that customer investments in the BeyondTrust Privileged Access Lifecycle Management continue to deliver returns in the future. |