The Changing Landscape of Privileged Accounts Security

Paul Fisher and Anil Bhandari decode the role of PAM in modern IT environments
ARCON and KuppingerCole met once again for an exclusive webinar! Held on 3rd November 2020, this webinar was presented by the two stalwarts of modern IT security: Paul Fisher, Lead Analyst, KuppingerCole Analysts AG and Anil Bhandari, a Thought leader and Chief Mentor, ARCON. In this hour-long session, the essence of a robust Privileged Access Management (PAM) solution was discussed in detail. Unmonitored privileged accounts are the major source of data breaches and malicious actors always try to exploit the security vulnerabilities in and around privileged identities.

During the first half of the webinar, Paul Fisher from KuppingerCole highlighted the traditional IT threats associated with privileged accounts in the modern organizations. He also highlighted the IT trends, technologies and future of this solution. Below are the key takeaways from the first half of the session:

• The traditional IT threats associated with privileged accounts are due to unmonitored and unrestricted access, lack of user authorization and user authentication, uncontrolled access to the database servers, weak privileged credentials, poor privileged lifecycle management, and lack of accountability. He also added that global security compliances like EU GDPR, California Privacy Act, SWIFT CSCF and their implementation prevent losses of digital assets, money and reputation.
• Adoption of several business processes are demanding more robustness of PAM solutions. Due to the drastic transformation of the work environment, organizations are counting too much on remote access, unlimited vendor access, uninterrupted customer access, data governance etc. However, security of the admin accounts and the privileged accounts remains at stake if the access control mechanisms are unable to detect and identify anomalous behaviour.
• To beef up IT security in the enterprise network of Privileged Access Management (PAM), organizations are emphasizing more on seamless monitoring of the privileged sessions, multi-factor authentication of the users, single sign-on and incorporating Zero Trust Privileged Access Security framework. Assessment of risk is given more crucial to reinforce end-to-end security in the overall IT ecosystem.
• Incident response management, forensics, endpoint protection, secure remote access and IT risk management are the security processes that organizations are following today to keep emerging IT threats at bay.
• Today privileged accounts are no more accessed only by the administrators but also by IT users in different levels of IT operations. The expansion of network, geography and the number of privileged accounts are forcing IT security teams for better management of passwords. To ensure ease of operations, the organizations keep on piling up privileged rights without keeping a track of the passwords which leads to disaster.
• The proliferation of high value data and services suggest more number of privilege accounts in modern organizations. Assessment of risk and continuous analysis of the importance of the accounts is most important to ensure secure IT infrastructure. Systematic allocation of roles and responsibilities can help organizations to track who is accessing which account at what time for what purpose. This enhances the agility and effectiveness of PAM solutions.
• The high value privilege accounts require immediate shift towards Just-In-Time privilege so that excessive standing privileges can be removed from the enterprise network. The administrators can keep a track of the privileged rights easily since the permit is temporary and requirement-based.

In the later half of the webinar Anil Bhandari from ARCON discussed the advanced use cases of Privileged Access Management (PAM) and how ARCON can help to meet the requirements to eventually move towards a successful PAM implementation. Here are the highlights of the discussion:

• Considering the general use cases of PAM today, the first and foremost point that most of the organizations prefer is to implement password-less access with all the target devices where the users can seamlessly connect with the VPNs, RDPs etc. Secondly, organizations look forward to implementing command filtering features which are necessary in scenarios where commands are given to wrong targets. PAM helps to filter the relevant firing of commands with a strong control over the access mechanism.
• Session monitoring is not only important from a security perspective but also it helps the admin team to rectify any mistakes in any of the sessions done by any user by finding out the time and location of the task. For example, if any third party vendor who is supposed to shoot a command to the production team, by mistake shoots it to the procurement team, session monitoring can help to identify the wrong command and terminate it immediately.
• In spite of having all the above mechanisms in place, organizations still struggle with a Password rotation policy especially in the mid-size and large organizations. The prevalent reasons behind it are a large number of IT assets, huge investments in new technologies without assessing the IT environment, inability to meet the needs of authorizing and authenticating users, understanding highly complex IT infrastructure, explosion of privileged IDs without any least privilege principle and so on. ARCON | PAM necessitates all the requirements under one roof.
• Since a decade, ARCON understands and emphasizes the requirement of a strong vault that can be far from attack and no data asset is lost. In addition, hundreds and thousands of passwords can be rotated in minutes with ARCON | PAM’s password vault. It has the technology of Multi-vault processors that can be aligned to the IT infrastructure on the basis of devices, user groups or lines of businesses.
• The technologies that PAM platform safeguards are enterprise OS, security devices, routing devices, telecom equipment, business applications, cloud applications, operational technologies, robotics, and IoT. ARCON | PAM helps organizations with an overall time management because no organization would like to spend an army of employees to manage PAM solutions, instead, it should be user-friendly and a self-learning experience.
• ARCON plays the role of an identity provider in an enterprise by managing the PAM lifecycle and offering a strong vault. It protects the data assets with a smart session monitoring, command filtering, and offers analytical reports on screen from which the risk assessment team can capture any kind of suspicious activity. It even directs the administrator to the right video at the right time which saves lots of time while checking all the user activity videos hours after hours.
• ARCON with its highly skilled professional services team can help organizations achieve the advanced use cases without any disruptions. Large enterprises have embarked on the journey to address the emerging threats across the globe and ARCON solutions are there to safeguard the organizations from those threats.
• ARCON is even ready for some advanced use cases. In the next 2 years, BOTs are likely to come up with a huge space. Our personal tasks could be even automated and credentials would start being hard-coded. PAM again here could play a big role to secure and automate password rotation policies.
• Lastly, Zero Trust Security model is going to be mainstream now where users can access the technologies from anywhere in the world. It requires uninterrupted assessment of the tasks done by the IT users. ARCON | Privileged Access Management (PAM) is always a step ahead with the robustness of risk-predictive mechanisms compared to the risk-preventive ones. The Predict | Protect | Prevent model of ARCON enables us to build a Zero Trust framework around privileged identities.

ARCON in this cutting-edge technology domain is always ahead in the competition as the R&D team always remains at par with the demands and trends. ARCON | Privileged Access Management (PAM) in this era of remote work conditions addresses humongous access control risks arising from daily use cases. ARCON sincerely looks forward to be a part of more webinars with KuppingerCole Analysts and explore more avenues of privileged security that can be reinforced in the new-age technologies of the next decade.

ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behaviour Analytics enables to monitor end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Secure Compliance Management is a vulnerability assessment tool.