Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

Are these Privileged Access Security Myths Haunting You?

October 31, 2019

  • Blog
  • Archive

Darkness falls. A thick fog settles across the land. In a basement, dimly illuminated by the shimmer of a computer screen, there sits a hooded phantom. The face a mere shadow – worn out by a constant scroll of green matrix code. This is a hacker… at least a hacker as perceived by 95% of Internet photography! While this may conjure up cliché, the horrors unleashed by a hacker are very real…

Faster than a witch, more cunning than a werewolf, deadlier than a zombie. The black hat hacker’s malicious mischief mystifies and terrifies all types of organizations worldwide. One of the popular antidotes to this toxic epidemic is Privileged Access Security, but recently even this has fallen foul of misleading myth and frightening falsification.

Read on as we separate fact from fiction. Learn how you can evade hordes of hungry hackers, and on this Halloween and beyond, achieve ghoul-proof security.

The Current Cybersecurity Landscape

First, some truth. Data breaches spiked 54% higher in the first half of 2019 versus 2018. The reasons for this increase are, of course, complex and varied. However, a key factor is simply that the attack surface continues to grow. While hackers are getting more sophisticated in their methods and IT environments are becoming more complex and harder to defend, many organizations are slow to adopt new, proven strategies when it comes to securing systems and users.

So what can you do to better assert control over your environment and mitigate the greatest amount of threat surface the fastest? Gartner sought to address this question in publishing their list of 2019’s highest priority security projects for organizations to undertake. For those of you who click on the link (or just take our word for it) to the Gartner article, you will see Privileged Access Management (PAM) listed as “Project 1”. To cost-effectively reduce risk and enable business initiatives, IT organizations must learn how to manage human identities as well as shared admin accounts, servers, desktops, IoT, and machine credentials across diverse environments that can include on-premise, cloud, and hybrid, as well as DevOps.

Privileged Access Management Mythbusting

Below, we begin our quest in busting six sinister myths around PAM. We’ve given you two, as a fearless favor, but the other four are locked away in this free whitepaper – are you ready to unpackage the rest of these myths?

Myth 1 - Vendor Access Can be Secured Using the Session Management Capabilities of Your Password Manager

Password managers are helpful tools for users overwhelmed by the volume of passwords they need to know to access the myriad systems, portals, and applications existing across the typical organization. So, the idea of having an encrypted digital vault that can store all of this information for you, as well as generate unique and strong passwords for different services, is often an essential (and sometimes free) tool many people leverage.

But consumer-oriented password managers, such as LastPass, 1Password, and Dashlane have significant limitations. Many folks mistakenly believe that these types of password managers will offer session management capabilities that can secure vendor access. Nope.

It’s important to stress that free tools (such as RDP) alone just aren’t robust enough.

Myth 2 - PAM Requires a Large IT Team & Effort to Implement/Manage

The concept of implementing a new security technology can be daunting for many organizations – especially if your environment is made up of a variety of operating systems, legacy software, and far-flung global locations. Or, maybe you have a small IT team that is already stretched to the limit. However, a mature privileged access management solution will be simple to deploy and maintain over time. Implementing PAM is easier than you might think.

You should consult the experts—IT services providers, leading PAM solution vendors, and system integrators (SI’s). They have experience installing PAM and can turn a potentially steep learning curve into a very manageable project. Leading PAM providers will provide an extensive set of integrations, meaning you can benefit from technologies working together straight out-of-the-box, maximizing your existing IT investments and making the entire process even more seamless and efficient. Of course, with all that said, some PAM solutions are much easier to implement and maintain than others.

For less overhead and infrastructure requirements, PAM solutions can even be deployed in the cloud using SaaS (software as a service) or a hosted solution such as AWS or Azure.


UNLOCK MORE PAM MYTHS NOW, IF YOU DARE

We hope you’ve found this blog post insightful and revealing. Separating fact from fiction is the first step to developing the best security model for your organization. For an eye-opening analysis into all six widely held PAM myths, read our ‘Busting the 6 Myths of PAM’ now, or forever hold your peace.

Let’s send these myths to the graveyard once and for all!

Jonathan Clarke

Content Marketing Manager

With a Master's Degree in English Language and Media, Jonathan has a genuine passion for producing compelling and thoroughly researched cybersecurity content. Coupled with a B2B agency background, he is adaptable to a wide range of industry topics, and also looks after BeyondTrust's Public Relations and social media channels. A huge animal lover, he is the proud 'father' of Simba, a very hyperactive German Shepherd dog.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Webcasts | February 24, 2021

Your PAM 2021 Blueprint: Securing Privileged Accounts for On-Premises and Cloud Assets

Whitepapers

Evolving Privileged Identity Management (PIM) In The 'Next Normal'

Webcasts | January 27, 2021

AN ANALYST’S TAKE: Securing Privileged Identities & Remote Access in 2021

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.