Weitere ähnliche Inhalte Ähnlich wie Actionable Guidance to Succeed in Enterprise-Class Privileged Access Management (20) Mehr von Enterprise Management Associates (20) Kürzlich hochgeladen (20) Actionable Guidance to Succeed in Enterprise-Class Privileged Access Management1. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Steve Brasen
Research Director
Enterprise Management Associates
Actionable Guidance for Succeeding in
Enterprise-Class Privileged Access Management
Paul Lanzi
COO and CoFounder
Remediant
2. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Watch the On-Demand Webinar
Slide 2
• Actionable Guidance for Succeeding in Enterprise-Class Privileged
Access Management On-Demand webinar:
https://info.enterprisemanagement.com/succeeding-in-enterprise-class-
privileged-access-management-webinar-ws
• Check out upcoming webinars from EMA
https://www.enterprisemanagement.com/freeResearch
3. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Featured Speakers
Steve Brasen, Research Director, EMA
Steve's career at EMA follows 20+ years of “in-the-trenches” experience in IT
systems support, engineering, and management for high-technology,
telecommunications, and financial institutions. Steve's primary focus area at
EMA is on endpoint and identity management topics, including identity and
access management, privileged access management, and unified endpoint
management.
Paul Lanzi, COO and Co-Founder, Remediant
Paul and his co-founder at Remediant, Tim Keeler, worked together in the IT
departments of several biotechs including Genentech, Roche and Gilead
Sciences before starting Remediant. At each of those organizations, they saw
first-hand the drawback of the legacy approaches to PAM and were inspired to
create something new. Paul's previous corporate IT experience includes project
and program management, corporate mobile app development team
management and recruiting and managing full-stack web development teams.
4. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Steve Brasen
Research Director
Enterprise Management Associates
Actionable Guidance for Succeeding in
Enterprise-Class Privileged Access Management
Paul Lanzi
COO and CoFounder
Remediant
5. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Agenda
Slide 5 © 2020 Enterprise Management Associates, Inc.
• Understanding Privileged Access Management
(PAM)
• Evaluating PAM Solutions
• Platform Adoption Process
• Essential Considerations
• Meeting Business Requirements
• Conclusions
6. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Understanding Privileged Access Management
Modern-day enterprise IT and security
management are broadly dependent on the
availability of privileged accounts.
Governance of processes for authorizing
elevated permissions to access the most
sensitive IT resources comprise the practice
of privileged access management (PAM).
According to EMA primary research, 79% of
organizations consider PAM to be very
important or critical to their business
operations.
Slide 6 © 2020 Enterprise Management Associates, Inc.
7. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Understanding Privileged Access Management
76% of organizations experience privileged
access policy violations each year.
60% of these occurrences lead directly to
business-impacting security breaches.
65% of organizations are NOT confident that
their current PAM solution is capable of preventing
policy violations from occurring.
Slide 7 © 2020 Enterprise Management Associates, Inc.
8. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Understanding Privileged Access Management
The greatest inhibitor to adopting an
effective PAM solution is IT complexity.
Adopted solutions must not incur excessive
costs, overburden management teams, or
disturb business operations.
Adoption is also inhibited by concerns that
the platform may not be worth the
investment if it is not actively used or
bypassed by users.
Slide 8 © 2020 Enterprise Management Associates, Inc.
9. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
PAM Platform Adoption Process
Organizations should adopt
PAM solutions that align with
their unique business
requirements.
The first step to identifying an
effective PAM solution is to list
and prioritize key business
requirements.
Slide 9 © 2020 Enterprise Management Associates, Inc.
10. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
PAM Platform Adoption Process
Steps for implementing an effective PAM platform:
Slide 10 © 2020 Enterprise Management Associates, Inc.
Identify solution providers that best meet
identified business priorities
Review a “shortlist” of products
Review public reports
Meet with vendors
Live demonstrations
Interview existing customers
Initially, roll out the solution on a
limited basis
When confidence is achieved,
initiate full-scale deployment
11. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Essential PAM Considerations
Adopted PAM platforms should govern all
privileged access use cases active in the
organization, including:
• Global IT administrator access
• OS-level, built-in administrator accounts
• User access to business systems
• Public and private cloud environments
• Web and SaaS applications
• User access to specific applications
• Administrator access to end-user devices
Slide 11 © 2020 Enterprise Management Associates, Inc.
All privileged access policies and monitoring should be managed
from a single, centralized console
Environmental Considerations
12. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Essential PAM Considerations
• Asset discovery and inventory
• Identification of existing privileged
access rights
• Reporting, alarming, and dashboarding
• Auditing of access rights
Slide 12 © 2020 Enterprise Management Associates, Inc.
Access Monitoring Considerations
83% of surveyed organizations indicated they are not fully confident that all
privileged access accounts and users have even been identified
13. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Essential PAM Considerations
Slide 13 © 2020 Enterprise Management Associates, Inc.
Deployment Considerations
Platform evaluations should consider how
long deployments will take and how many
support personnel will be required to
implement them, including to…
• Install and configure infrastructure and
software components
• Train and/or hire administrators
• Navigate corporate change management
processes
The most frequently noted reason for not adopting a PAM platform is that the
solutions are viewed as “too complex to implement”
14. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Essential PAM Considerations
Slide 14 © 2020 Enterprise Management Associates, Inc.
Administration Considerations
Adopted PAM solutions should be easy to
manage.
• Wherever possible, employ automation
• Enable user self-service capabilities
• Align processes with business workflows
• Leverage monitoring and automation to
achieve continuous compliance
• Simplify onboarding of users and devices
On average, it takes administrators nine hours to resolve issues related to
privileged access policy violations
15. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Essential PAM Considerations
Slide 15 © 2020 Enterprise Management Associates, Inc.
User Account Considerations
• PAM solutions should ensure each
privileged user has a unique account
• Ideally, solutions will elevate privileges
of existing accounts
• The use of standing privileges should
never be permitted
57% of organizations allow multiple users to share the same privileged
accounts, significantly reducing security effectiveness
16. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Essential PAM Considerations
Slide 16 © 2020 Enterprise Management Associates, Inc.
Access Expiration Considerations
• Just-in-Time privileged access grants
elevated permissions to perform specific
tasks for a specific period of time
• One-time access credentials are
disabled when not in use
• Offboarding capabilities will automatically
disable all privileged access for users
and devices no longer associated with
the business
41% of surveyed organizations admit to allowing users to retain
privileged access indefinitely
17. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Essential PAM Considerations
Slide 17 © 2020 Enterprise Management Associates, Inc.
Extensibility Considerations
PAM solutions should be able to grow with
the business, supporting increasing
numbers of:
• Users
• Devices
• IT services
• Workloads
PAM solutions should easily integrate with
third-party security management platforms
Companies should select PAM solutions that will support both
current and future business requirements
18. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Business Requirements for PAM
Slide 18 © 2020 Enterprise Management Associates, Inc.
The prioritization of PAM capabilities
will be different from business to
business.
Details about the type of business will
help indicate which PAM solution will
provide the best fit.
High-level considerations can be
determined based on general
business characteristics.
19. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Business Requirements for PAM
Slide 19 © 2020 Enterprise Management Associates, Inc.
Industry Requirements
Different industry types require different PAM
approaches and priorities.
Some industry-specific requirements include:
• The need to meet regulatory compliance
• Sensitivity of hosted data, apps, and
services
• Distribution of IT resources
• The need to extend access to partners,
outsources, and service providers
PAM solutions should be adopted that optimally address
any unique industry requirements
20. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Business Requirements for PAM
Slide 20 © 2020 Enterprise Management Associates, Inc.
Small Business Requirements
Key Challenges:
• Limited support resources and budgets
• Support staff wear many hats
• Must meet the same security requirements
as larger competitors
PAM Features to Prioritize:
• Easy to implement and onboard users
• Simple to manage
• Extensible so it can expand with the
business
Small businesses should not have to make additional investments
in service management and support personnel
21. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Business Requirements for PAM
Slide 21 © 2020 Enterprise Management Associates, Inc.
Medium Business Requirements
Key Challenges:
• Large support stack with low admin/user ratio
• Broad number of privileged access use
cases and requirements
• Must meet regulatory commitments
PAM Features to Prioritize:
• Centralized PAM management
• User self-service
• Automated onboarding and offboarding
• Just-in-Time privileged access
Just-in-Time privileged access is essential to ensuring approved
tasks are only performed in the approved timeframes
22. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Business Requirements for PAM
Slide 22 © 2020 Enterprise Management Associates, Inc.
Large Business Requirements
Key Challenges:
• Distributed business units
• Distributed IT support teams
• Too many unintegrated security products
(i.e., “security sprawl”)
PAM Features to Prioritize:
• Standardized privileged policies
• Must operate at scale
• Privileged access governance
• Strong integration with infosec solutions
PAM platforms must be able to operate at scale in order to ensure
consistency is maintained across all locations and business units
23. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Business Requirements for PAM
Slide 23 © 2020 Enterprise Management Associates, Inc.
Infrastructure Requirements
The degree of decentralization of IT affects
how PAM is implemented enterprise-wide.
Organizations must prevent workers from
utilizing privileged accounts on unknown and
unmanaged resources.
Organizations with complex IT infrastructures
must enable:
• Holistic visibility
• Unified management
The size and complexity of IT ecosystems affects
the scope of PAM requirements
24. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Business Requirements for PAM
Slide 24 © 2020 Enterprise Management Associates, Inc.
User Requirements
PAM policies and controls should be
established to appropriately meet
requirements of different types of privileged
users, including…
• IT administrators
• End users requiring elevated privileges on
their personal device
• End users requiring elevated privileges on
business systems
Different types of users require different PAM functionality
25. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Key Conclusions
• Few security investments rise to the level of
importance as establishing control over
privileged access
• Unfortunately, IT managers often settle for
ineffective and vulnerable privileged access
approaches
• Organizations must implement PAM
solution that meet their unique business
requirements
• Platforms with Just-in-Time and Just-
Enough controls most effectively achieve
PAM requirements across the breadth of
use cases
Slide 25 © 2020 Enterprise Management Associates, Inc.
26. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTINGSlide 26 © 2020 Enterprise Management Associates, Inc.
Tim Keeler,
Co-founder & CEO
Paul Lanzi,
Co-founder & COO
• Reframing Privileged Access Management:
• Agentless, Vaultless, Just-in-Time
• Founded by former biotech
information security and IT practitioners
• Funded by Dell Technologies Capital
and ForgePoint Capital
• Referenceable, fully deployed
Fortune 500 customers
• 2019 Black Unicorn Winner and Gartner Cool
Vendor
About Remediant
© Copyright Remediant 2020
27. IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTINGSlide 27 © 2020 Enterprise Management Associates, Inc.
I’LL LEAVE YOU WITH THIS:
PRIVILEGED ACCESS IS STILL THE “WEAK UNDERBELLY” FOR NATION STATE
ADVERSARIES AND MALICIOUS INSIDERS
480
Average number of admins
with 24x7 access to each
workstation1
30%
of an average organization
is covered by Privileged
Access Management (PAM)
74%
of breached organizations
admit involvement of a
privileged account
Receive a complimentary rapid credential assessment:
https://www.remediant.com/auditing-privileged-access-management
• 1. For organizations with 15,000+ endpoints
© Copyright Remediant 2020