Follow Tweet This Facebook LinkedIn google+
Industry talking to customers What's this?

Privileged access management in the spotlight

Published: December 11th, 2018 By: Glenn Weir

CyberArk

The first-ever Magic Quadrant for Privileged Access Management was just published by Gartner.1

What, exactly, is privileged access to us?

In the mid-2000s networked computing ushered in a new era of business communications and operations. This led to the growth of online data storage and management, as well as the rise in cloud computing applications for the enterprise and machine-to-machine integrations through AI and machine learning. As the need for people and machines to access networked services and infrastructure increased, so too has the risk for potentially critically dangerous breaches.

Almost as soon as organizations began utilizing new networked and cloud-based technologies — financial and healthcare organizations in particular — concerns over the dangers and potential misuse that access to privileged information and highly-sensitive data and infrastructures could cause became apparent.

In the era of Local Area Networks (LANS) digital security protocols focused on fortified perimeters — keeping attackers outside of the corporate network and away from the valuable assets within them. However, firewalls and other similar security measures are defenseless against the threat of bad actors inside organizations who gain — or have been given — access to privileged accounts, or social engineering attacks designed to trick or manipulate administrators. Moreover, the adoption of the Cloud is disrupting the entire concept of a Local Area Network, rendering perimeter-based security less and less relevant.

The phrase “Keys to the IT Kingdom” is often used when referring to the privileged nature of some administrator accounts and systems to give a sense of how potentially cataclysmic a breach in access could be. Over the past decade, there have been an array of notable security breaches that were the result of insiders misusing their privileged access, from Terry Childs withholding passwords from the city of San Francisco to Edward Snowden copying classified information from the NSA. Both instances were caused by the lack of oversight and security for vital security credentials.

Privileged access is not just a compliance problem or a human user problem. It is, without a doubt, a security problem that encompasses users, applications and machine identities – and has the power to completely disrupt business. And so, privileged access management is necessary to protect against the threats posed by credential theft and privilege misuse. More and more organizations are realizing that the privilege-related attack surface is expanding at a rapid pace with an evolving landscape of systems, applications, machine-to-machine accounts, hybrid environments, DevOps, IoT devices and more.

To address emerging security and risk management needs, CyberArk provides a proactive solution – a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline.

To learn more, download a complimentary copy of the Magic Quadrant for Privileged Access Management.

1 – Gartner, Magic Quadrant for Privileged Access Management, Felix Gaehtgens, Dale Gardner, Justin Taylor, Abhyuday Data, Michael Kelley, 3 December 2018
2 – Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.