
Prioritising privileged access management in 2022

by Homan Farahmand
March 17, 2022
Photo by George Becker from Pexels

Privileged access management (PAM) is a high-priority cyber defence capability. PAM requires a comprehensive technical strategy based on a zero-standing privilege (ZSP) operating model. Key success factors include visibility and control of privileged accounts across all assets.

Traditional PAM controls such as credential vaulting and session management are essential, but not sufficient. Adopting just-in-time privilege approaches and managing machine identities are imperative, while implementing privilege task automation and advanced analytics is preferred.

Broader coverage of PAM controls for cloud platforms, DevOps, microservices, robotic process automation (RPA) and operational technology scenarios requires robust secrets management (with secretless brokering) and cloud infrastructure entitlement management (CIEM).

PAM is applicable to all local and remote human-to-machine and machine-to-machine privileged access scenarios. This makes PAM a critical infrastructure service due to risk aggregation related to storing sensitive credentials/secrets as well as performing privileged operations in different systems. As such, PAM capabilities require thoughtful high-availability and recovery mechanisms.

“PAM should be prioritized as a cyber defence mechanism. It plays a key role in enabling zero trust and defence-in-depth strategies that extend beyond mere compliance requirements. Some organizations may choose to deploy a minimum set of PAM controls to meet their compliance obligations in response to an audit finding.

“However, these organizations remain susceptible to attack vectors such as service accounts, privilege escalation and lateral movements. Although minimalistic controls are better than nothing, expanding the PAM control coverage can mitigate a broader number of risks to defend against complex cyberattacks.”

The figure below shows the key steps to develop/enhance PAM architecture strategy:

Security and risk management technical professionals should:

  • Develop a risk-based approach to plan and implement or enhance PAM controls and their breadth of coverage by creating a PAM control coverage matrix that aligns with the organization’s cybersecurity framework.

  • Implement core PAM capabilities by deploying solutions that cover intended use cases while driving a zero standing privilege operating model. That includes governance, discovery, protection, monitoring, auditing, and just-in-time privilege elevation and delegation.

  • Implement additional PAM capabilities by extending the deployed solutions or integrating them with other security management tools. That includes remote support, task automation (especially in DevOps pipeline and infrastructure-as-code use cases), change management, vulnerability assessment and remediation, as well as secrets management, secretless brokering, and cloud infrastructure entitlement management. Integrate PAM solutions with security information and event management (SIEM) and IT service management (ITSM) tools.

  • Architect resiliency for the PAM solution by using high-availability design and advanced disaster recovery processes, such as a hot or cold site versus simple local backup and recovery. Also, plan for recovery scenarios using reliable break-glass approaches.

First published on Gartner Blog Network

Homan Farahmand

Homan Farahmand is a senior director analyst within Gartner for Technical Professionals (GTP) covering digital identity and access management (IAM) modernization and emerging technologies adoption including decentralized web and blockchain platforms/protocols.

Previous experience

Prior to his current role at Gartner, Farahmand led the Gartner Identity and Access Management consulting practice globally as well as the Security and Risk Management consulting practice in the financial services industry. He has worked in multiple commercial industries and public-sector organizations across North America, Europe and Japan. His IAM engagements during the last decade have spanned strategy and roadmap development, current architecture assessment, future architecture development, governance and organization development, risk and control management, technology and vendor evaluation, implementation oversight, and benchmarking and sourcing. Before joining Gartner, Farahmand held consulting and leadership positions at Burton Group, PricewaterhouseCoopers, Meta Group and GE Capital IT solutions. Prior to that, he was involved in hands-on application development and system engineering.

Professional background

  • Burton Group: Principal Consultant
  • Meta Group: Vice President, Strategic Solutions
  • GE Capital IT Solutions

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl
