If you can tackle only one project this year to improve the security of your enterprise, what would it be? Gartner suggests Privileged Account Management (PAM).
Gartner Vice President and Distinguished Analyst Neil MacDonald presented his Top 10 Security Projects for 2018 during last week’s Gartner Security and Risk Management Summit (SRM). PAM was number one on Neil’s list as he stated, “This project is intended to make it harder for attackers to access privileged accounts and should allow security teams to monitor behaviors for unusual access.” You can read more about Neil’s top 10 list on the Gartner web site.
Here at Bomgar we couldn’t agree more with his assessment. Our own market research aligns with that of Gartner’s Mr. MacDonald about the essential security benefits that PAM provides. Our 2018 Privileged Access Threat Report revealed that organizations using automated privileged access management technology experienced far fewer serious breaches than those that did not.
Bomgar was a Premier sponsor at Gartner SRM where we exhibited our comprehensive PAM solution. We showed how Bomgar’s PAM technology can automatically manage and secure privileged credentials, while also controlling privileged access.
With our solution, customers can defend against the most common cyberattack pathway – remote access – while also securing the one thing that is used in almost every data breach – privileged credentials.
How do we do it?
As Bomgar’ Sam Elliott explained during his Gartner SRM session, “Leveraging Identity Management to Achieve Acceptable Losses,” we suggest a six-step process for controlling privileged access and privileged identities:
- Secure vendor access: Eliminate VPNs for vendors to improve security and access management.
- Secure insider access: Enforce least privilege for employees to protect IT assets.
- Discover and safely store passwords: Automatically find privileged accounts on your cross-platform network and bring these accounts under management.
- Rotate and randomize privileged credentials: Continuously randomize the credentials for each account – on a frequent schedule or in response to an attack.
- Protect service accounts: Automatically discover service accounts and their dependencies - both clustered and individual services - to achieve optimal system uptime.
- Fortify app to app security: Obscure these application credentials and change them frequently to remove the threat of hard-coded credentials.
Want to learn more about making Privileged Account Management a priority this year?