Privileged identity management (PIM) is part of the overall identity and access management (IAM) family of technologies, which together provide corporations mechanisms to govern the who, what, where, when, and why of secure access management and provisioning. The privileged identity management market has evolved over the past several years in response to several key issues:
This IDC Vendor Profile profiles BeyondTrust, a market leader in the privileged identity management (PIM) space. In this Vendor Profile, IDC defines the market drivers for PIM technology and outlines the BeyondTrust approach to solving this issue for both enterprise and government entities.
From a security standpoint, it is an unfortunate truth that employees still often remain the weakest link in the infrastructure. Privileged user accounts are the most powerful accounts defined within an IT enterprise environment. Privileged passwords run on critical applications in servers, operating systems, and databases. Often generic in nature, they include, but are not limited to, generic accounts such as administrator on Wintel platforms, root on Unix systems, DBA passwords, and the hard-coded passwords found in application scripts throughout an enterprise. A particularly complex situation arises with embedded applications passwords. When two unattended software applications connect, a powerful username and password is required, and these are often stored in clear text and embedded in the application code or in a configuration file or script.
Privileged identity management is elevated to a new level of importance within the cloud platform. Unlike traditional enterprise infrastructure, in which privileged user access is confined within the corporate walls, cloud computing adds both complexity and scale. The cloud brings with it new types of privileged accounts around cloud infrastructure management (provisioning and configuring the cloud and virtualized environment) that goes beyond traditional application, databases, and OS administrative accounts.
Privileged accounts are a core part of every system and are created to provide complete and full control to systems administrators. The passwords of these accounts have been typically shared among IT admins as many daily and administrative tasks require privileged access. Since these systems are the repository for critically sensitive business data and information, the systems administrators are trusted with the keys to all of IT and, subsequently, the kingdom within the enterprise. Unfortunately, this type of trust is often misused — sometimes unintentionally, but more often, it is deliberate. The goal of BeyondTrust is to eliminate the misuse of privilege throughout the ever-expanding IT environment.
BeyondTrust is a privately held company. Originally known as Symark, as of September 2009, the company was rechristened BeyondTrust to reflect its movement beyond its beginnings to provide privilege authorization management, access control, and security solutions for virtualization and cloud computing environments via the PowerBroker suite of products.