BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    Use Cases and Industries
    See All Products
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

Five Tips for Choosing a Privileged Password and Session Management Solution

February 26, 2018

  • Blog
  • Archive

blog-five-tips-choosing-privileged-password-management.jpg

If you’ve been tasked with helping your organization choose its next (or first) privileged password management solution, you’re probably facing the unenviable task of wading through dozens of vendor websites, brochures, white papers, reports, and opinions about which solution is best.

We’ve taken the collective wisdom of customers and partners who’ve shared their experience with evaluating vendors and implementing privileged password management solutions, and distilled it into five tips to help you choose the best solution for your organization:

1) It’s About Your Use Cases, Not the Vendors’ Features

Whether you’re implementing privileged password management for the first time or replacing an existing solution, focus on what problems you need to solve, instead of the feature set. The privileged password management market is maturing, so there’s a lot of similarities between solutions. The big differences often lie in how they approach the problem. As you outline your use cases, be sure to consider integrations with threat analytics, SIEM, identity and access management, and any other IT security solutions already deployed in your enterprise. These integrations should save your IT admins time, not add more administrative burden.

2) Demos Are Good— but POCs and Bake-Offs Are Even Better

When you’ve narrowed your solution vendor list to a manageable few options, ensure you know what you’re buying by scheduling proof of concept (POC) or bake-off sessions with the vendors. POC’s and bake-offs give you an opportunity to see the solution implemented in real-time. It also provides insight into the level of effort that your solution will require. Ask questions like:

  • How many professional services engineers does it take to get the solution up and running?
  • Can you make changes to parameters on the fly, or will you be forever reliant on the vendors’ professional services team?

Answers to those questions will help you determine longer-term support and services costs and will impact the true total cost of ownership for whichever solution your organization chooses. Make sure you get commitment up front on deployment, expectations and timelines.

3) Rely on a Team of Trusted Advisors (Account Manager, Professional Services Engineer, Pre-Sales Engineer, Independent Industry Analysts)

Your sales rep, pre-sales and professional services engineers from the vendor should give you a glimpse into what it’s like to do business with the vendor. Key questions to ask:

  • Are they knowledgeable and helpful?
  • Is there documentation to explain questions you have?
  • If you’re working with a partner, what’s been their experience with the vendor?

Special caveat: Watch out for “vendor-sponsored” “competitive reviews.” If the vendor is paying for a review of their competitor’ products, in whose favor do you think that review is going to work out? (Trust us, we’ve seen some weird ones!)

Instead, every research analyst firm has its own methodology for evaluating solutions. And many of them, like Gartner and Forrester, publish research every 12-24 months. Does their research include industry best practices that you can take into account with your evaluation?

4) You Can (And Will) Never Have Enough Reports

Reporting and analytics are often over-looked in the evaluation, but it’s one of the main outputs that you will need to share with your organization. Key questions to ask:

  • How many reports come standard?
  • What are the most common?
  • Can you integrate data from your other security solutions into your analytics and reporting?
  • How easy is it to customize reports to suit your organizations’ changing requirements?

5) Plan for Now, but Also Look to the Future – Ask for a Roadmap

Since your organization’s needs will likely change over time, it’s important to understand where the vendor’s solutions are headed. Asking for a roadmap will not only provide insight into their level of commitment to addressing your use cases today, but also help you gauge whether privileged password management is a top priority for their organization going forward. With all the industry churn and consolidation happening in the PAM market currently, this is very important.

Every organization’s use cases are unique to them, but the five tips I mentioned here should transcend any buying situation. Do an in-depth POC, get commitment on pricing to avoid the “gotchas”, accurately scope the deployment, and seek independent third-party comparisons of vendors in the space.

In addition to some of the links to the third-party analyst reports from Gartner and Forrester, be sure to rreview some of the common technical use cases in the white paper, A Technical Solutions Guide for Privileged Password and Session Management Use Cases. And, as always, contact us with any questions.

Photograph of Sandi Green

Sandi Green, Product Marketing Manager, BeyondTrust

Sandi Green is the Product Marketing Manager for PowerBroker Password Safe, PowerBroker for Windows, and PowerBroker Mac at BeyondTrust. She has over 20 years of sales and solutions marketing experience with technology companies that served a variety of industries ranging from life sciences, human capital management, consumer packaged goods and most recently IT security. When she’s not following the latest trends in Cybersecurity, she’s busy following college football and basketball. Follow her on Twitter at @SandiGreen3.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

Mapping BeyondTrust Solutions to the Identity, Credential, and Access Management (ICAM) Architecture

Whitepapers

Four Key Ways Governments Can Prepare for the Growing Ransomware Threat

Whitepapers

The Operational Technology (OT) Remote Access Challenge

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.