NEW: Microsoft Vulnerabilities Report 2022 - Read the Findings of Our Annual Report Read Now

  • Partners
  • Support
  • Careers
  • English
    • Deutsch
    • français
    • español
    • 한국어
    • português
BeyondTrust
  • Products

    Privileged Password Management

    Discover, manage, audit, and monitor privileged accounts and credentials.

    • Password Safe
    • DevOps Secrets Safe
    • Privileged Access Discovery Application

    Endpoint Privilege Management

    Enforce least privilege across Windows, Mac, Linux, and Unix endpoints.

    • Windows and Mac
    • Unix and Linux
    • Active Directory Bridge

    Secure Remote Access

    Centrally manage remote access for service desks, vendors, and operators.

    • Remote Support
    • Privileged Remote Access
    • Privileged Access Discovery Application

    Cloud Security Management

    Automate the management of identities and assets across your multicloud footprint.

    • Cloud Privilege Broker

    BeyondInsight

    Experience the industry’s most innovative, comprehensive platform for privileged access management.

  • Solutions

    Use Cases

    • Cloud Security
    • Compliance
    • Cyber Insurance
    • Digital Transformation
    • Endpoint Security
    • Operational Technology
    • Ransomware
    • Service Desk Efficiency
    • Zero Trust

    Industry Applications

    • Financial Services
    • Government Agencies
    • Healthcare
    • Law Enforcement
    • Manufacturing
    • Schools & Universities

    Solutions

    The BeyondTrust Privileged Access Management portfolio is an integrated solution that provides visibility and control over all privileged accounts and users.

  • Resources

    Learn

    • Blog
    • Customer Stories
    • Competitor Comparisons
    • Datasheets
    • Demos
    • Glossary
    • Podcast
    • Whitepapers

    Attend

    • Events
    • Go Beyond
    • Training
    • Webinars

    Support

    • Changelog
    • Professional Services
    • Technical Documentation

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

  • Company
    • About
    • Leadership
    • Core Values
    • Partners
    • Careers
  • Watch Demo
  • Contact Sales

Privileged Access Management: The Struggle is… Not Real?

January 25, 2018

  • Blog
  • Archive

blog-privileged-access-management-struggle-not-real.jpg

Privileged access management, or PAM, is a technology that is growing rapidly and increasing in importance to enterprises everywhere. The reasons are obvious – many attacks and malware make use of privileged identities, and insider scenarios with unchecked privileges in play can be devastating as well. Auditors and regulatory compliance bodies are paying much closer attention to privileged accounts in organizations, too, as many IT teams are now being asked to provide comprehensive controls over privileged account access, along with extensive audit trails of privileged user activity.

In my upcoming webinar, “Privilege (and Password!) Management without the Pain”, we’ll get real about the upside to privilege management tools, and work to dispel some of the myths around how challenging they are to install and operate.

All this said, privilege management tools are often cited as one of the thorniest technologies to plan for and implement within enterprise IT environments. One of the reasons for this is the sheer breadth of privileged access seen in the enterprise today. The task of implementing PAM feels daunting, likely because there are so many systems, lots of different accounts, and numerous use cases to consider in looking at how admins get their jobs done.

Sadly, this is a symptom of larger messes – they take more time and effort to clean up. Many newer PAM tools have seriously streamlined discovery processes for privileged access, and have also emphasized deployment processes to speed things up and make the integration of PAM more seamless than ever. Coupled with this, the ease-of-use has long been lacking in PAM products for many years. Some products are complex, with interface design that doesn’t make choosing policies and implementing diverse PAM throughout the IT environment simple or intuitive at all.

This is definitely changing, too. If admins cannot figure out how to use products, let alone maintain them over time, they won’t. And we all know what happens in that case – we go back to the Dark Ages of “root” and “local admin” and who knows what else.

PAM products are also adapting rapidly to new technology stacks that include cloud services, containers, DevOps deployments, development-focused secrets management platforms, and many more. Long gone are the days when PAM is used just for Windows and Unix/Linux… we have way too many tools and technologies today to stop there. Modern enterprises need the full gamut of PAM capabilities – session management, high-availability for the solution itself, application-to-application mapping, strong discovery and account/application detection, and coverage of major operating systems along with newer technology stacks. Enterprise-class vendors will also emphasize usability and interface design, so that admins and security/audit teams won’t need advanced degrees to figure out what they need to do within the product.

2018 is upon us, and it’s time to dispel the myth that “PAM is difficult”. As a core cybersecurity and auditing technology that touches many of your most critical applications, services, and systems, it will understandably take some time to plan and deploy. However, think of the other side of this coin – privileged identities are being compromised and abused at an alarming pace – are you immune to this? Can you afford NOT to look at a solution that can help solve this problem?

Photograph of Dave Shackleford

Dave Shackleford, Cybersecurity Expert and Founder of Voodoo Security

Dave Shackleford is the owner and principal consultant of Voodoo Security and a SANS analyst, senior instructor, and course author. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering, and is a VMware vExpert with extensive experience designing and configuring secure virtualized infrastructures. He has previously worked as CSO for Configuresoft, CTO for the Center for Internet Security, and as a security architect, analyst, and manager for several Fortune 500 companies.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

Microsoft Vulnerabilities Report 2022

Whitepapers

Cybersecurity Insurance Checklist

Whitepapers

Privileged Access Management: PAM Checklist

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support
  • Cloud Privilege Broker

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Podcast
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press
BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2022 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.