In 2016, Forrester announced a finding that 80 percent of security breaches involve privileged credentials and since then, that number has been remarkably steady. More recently in 2019, Centrify published a report that found privileged access credential abuse in 74 percent of breached companies surveyed. The survey goes on to state that many organizations lack the very basic defenses to stop privileged account abuse.
Why are privileged accounts so important? Well, they are in a real sense the keys to the kingdom. These keys give access to the administration of superuser accounts, which can be accessed using a password, certificates, or tokens. They give an intruder, or unauthorized user, access to critical systems, applications and databases containing potentially confidential information on customers, employees, and the company. If these accounts are compromised, the result is often irreparable reputational damage and financial harm, which in turn can have a direct impact on the boardroom.
One possible answer to the question of why these breach statistics have remained so stubbornly high is the fact that we have experienced a dramatic shift to the cloud since 2016. There has been a rush to embrace the efficiencies and the return on investment (ROI) of digital transformation. With this shift, organizations have bought into more automation and more ways to “get to know your customer.” The corporate perimeter or edge has transformed from a physical concept (firewall, gateway or proxy server) to much broader and changing concepts like access rights, authorization, identity, least privilege, and zero trust. The demarcation between the customer, employee, and data has almost disappeared.
Adding to this, organizations moved to the DevOps lifecycle (rapid development and deployment of services), APIs (Application Program Interfaces), containers, and Kubernetes clusters. Suddenly, you are facing a far more complex privileged account definition and deployment landscape. The lines between development, testing, and production environments have become less clear and have opened up more room for errors.
Developers can mistakenly embed secrets or keys in the code, APIs can be compromised, and containers are being run in third-party clouds. One of the first privileged access management vendors to make a move to address this widening attack surface is CyberArk, with the acquisition of Conjur, a Waltham, MA-based DevSecOps startup. Since then, there has been a rush to plug the DevOps gap across the privileged vendor ecosystem with varying degrees of success.
Privileged Account Management (PAM) software has moved from shelf-ware to a key component in the enterprise identity access management (IAM) and digital transformation roadmap. PAM has become an equal partner to governance and risk solutions when enterprises are reevaluating their IAM infrastructure. The PAM deployment landscape has widened considerably even in the past three years due to the rapid adoption of the cloud as a delivery environment for digital transformation. Any enterprise assessing, building, deploying, or refreshing their IAM toolsets and resources must plan for a robust and scalable PAM solution in partnership with their service partners.
In the next blog, we’ll explore what to look for in a service provider equipped to navigate the ever-changing PAM landscape.
 Cser, A., Balaouras, S., Koetzle, L., Maxim, M., Schiano, S., & Dostie, P. (2016, July 8). The Forrester Wave™: Privileged Identity Management, Q3 2016. Retrieved June 18, 2019, from https://www.forrester.com/report/The Forrester Wave Privileged Identity Management Q3 2016/-/E-RES123903
 Columbus, L. (2019, March 07). 74% Of Data Breaches Start With Privileged Credential Abuse. Retrieved June 20, 2019, from https://www.forbes.com/sites/louiscolumbus/2019/02/26/74-of-data-breaches-start-with-privileged-credential-abuse