SOFFID BLOG

¿Por qué el Acceso Privilegiado (PAM) es tan esencial en las empresas?

Oct 28, 2022 | Sin Categoria

At the heart of remote cybersecurity is Privileged Access Management (PAM). It’s the protection around sensitive and privileged user accounts, which are the crown jewels for cybercriminals. For the channel, PAM creates a new revenue stream and further business opportunities with their customers. It is true that having unrestricted access to clients’ IT estates is part and parcel for a service provider. But, it does pin a huge target on their backs.

Offering comprehensive PAM solutions will enable channel partners to secure, manage and monitor access to their own privileged accounts. As well as those of their clients, keeping the most valuable keys to their network safe.

Remote working is here to stay, and the channel is pivotal in supporting organisations in their efforts to maintain the best protection against cyber attacks. Whether they’re adopting a hybrid, or fully remote working model. Channel partners have a rich portfolio of security solutions. They are in the ideal position to facilitate these flexible models and provide organizations with the seamless IT support. Because they need to connect workers securely, irrespective of their location.

Privileged Access Management can provide partners with greater security not only for their clients but for their own accounts too

In today’s cyber environment, stolen and misused privileged accounts can be used to inflict tremendous damage. As well as the access they provide to sensitive and critical data and hosts

Implementing a Privileged Access Management (PAM) tool

Implementing a PAM tool reduces the likelihood of privileged credentials being compromised or misused in both external breaches and insider attacks. Such tools also help reduce the impact of an attack when it occurs. Because radically short the time during which the organization is unaware that it is under attack or being subverted. Cloud security, anomaly detection, and securing the software development life-cycle also can be addressed with a PAM tool. As can regulatory compliance and operational efficiency.

PAM solutions need to be aware of not only who a user is, but also to which resources they should be granted privileged access. To enhance security even further, strong PAM solutions tend to have their own layers of security capabilities. That is, they will have the ability to limit user access not only by role, but also by other factors, such as time and location. This ensures that even an authenticated user only sees the specific resource being accessed, and only when appropriate.

As a quick example, a given user has privileged access to a server to perform an upgrade because they have the server administrator role. But the PAM administrators might also limit that privileged access, for business reasons or simply as a security practice. Granting a two-hour window starting at midnight, for example.

Outside of that time frame, even with the login credentials, the user won’t be able to access the server for good or malicious reasons.

Multifactor Authentication (MFA) & Privileged Account Management (PAM)

If a user has successfully authenticated to the system, the PAM system will provide the user the privileged access they have been granted. Of course, that’s entirely appropriate, when the user is who they say they are. At the same time it is potentially disastrous when a privileged user within the system is not who they say they are.

Strong PAM solutions have safeguards to protect against this very situation. Session management tools, for example, will alert the security team (or automatically kill the session) when the activity undertaken by a privileged user is outside of defined parameters. One possible case might be a so-called database administrator who suddenly starts rapidly executing a large number of queries against multiple databases.

But what of the case where a hacker has stolen a DBA’s credentials, gained entrance to the system? And then undertakes activity which does not raise alarms, such as running an occasional query as the legitimate DBA might do?

Once you gain access to the system, do you engage in non-alarm activity? Like running an occasional query like a legitimate DBA would.

How do MFA and PAM work together?

This is the kind of situation that MFA and PAM solutions avoid when they work together.In this way they provide a true layered defense of security. Where strong PAM solutions excel at providing only the appropriate access to privileged users. A strong MFA vs. PAM capability ensure users are who they say they are before they get to the point of granting privileges.

It’s a layered strategy that truly helps security teams and administrators create a defense-in-depth. It is a solid way to increase the cybersecurity of a company. Especially in today’s environments that are subject to constant hacking attempts.

 

References:
(1)  Newsweek.com
(2) secureworld.com
(3) Dark Reading

Picture: Foto de Negocios creado por jannoon028 – www.freepik.es

Related Articles