Tech Ascension Award Winner Q&A: David Higgins, CyberArk

CyberArk, a provider of privileged access management, was recently named Most Innovative Security Solution for its PAM solution by The Tech Ascension Awards. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world’s leading organizations, including more than 50 percent of the Fortune 500, to protect against external attackers and malicious insiders.


We sat down with David Higgins, Global Technical Director, CyberArk to discuss privileged access, its importance, and how the current remote work culture has accelerated adoption.


What is privileged access and why is it important for organizations to understand?


Privileged access refers to special access or abilities that go beyond that of a standard user and can often provide that user with full control of business-critical systems and applications.


While traditionally these users have been designated to IT administrators, that definition is quickly changing. In today’s connected environment, every identity – including business users and machines – can become privileged under certain conditions. HR managers, for example, have access to applications like Workday which can hold a vast amount of sensitive information about the company and its employees – information attackers would love to get their hands on. In addition to the increasing number of human users that are accessing these systems, non-human identities like machines and applications also often require privileged access to perform their tasks.


Today’s mobile and digital world has created a fragmented landscape that can be hard to properly manage. However, the exploitation of privileged credentials is the root cause in nearly all major data breaches so it’s important for organizations to understand where privilege exists so they can identify risks and take measures to safeguard their most critical assets against both common and advanced threats.


How do privileged access management solutions like CyberArk help address these challenges?


Privileged access management solutions like CyberArk reduce risk by offering a comprehensive approach to control, manage and audit privileged accounts, credentials and secrets for humans, applications and machines. By continuously scanning environments, CyberArk helps to discover and manage credentials within cloud and hybrid environments and within the DevOps pipeline. It further isolates those credentials, so they are never exposed to an end user or their client applications or devices. The solution also isolates privileged sessions to safeguard critical systems while automatically recording and storing those sessions for audit.


CyberArk monitors all privileged activity to detect and alert on anomalous behavior and will automatically suspend or terminate any suspicious privileged sessions.


The underlying goal is to ensure trust in all privileged activity – trust that the authentication and actions being performed are that of a legitimate, approved user and not an attacker who has compromised the account for nefarious use.


What should organizations know about creating an effective privilege access management strategy?


Privilege Access Management is widely considered a top priority for CISO organizations – and for good reason. But for many organizations, their privileged-related attack surface is much broader than they know with far more privileged accounts than they realized. Securing all these accounts can feel like a daunting task.


We always advise our customers to take a measured and phased approach. Start small by taking inventory of the privileged accounts that exist and take care of the riskiest ones first – those that have access to an organization’s most critical systems and sensitive data.


Another important point to make is that an effective privilege access management strategy isn’t a “one and done” project. Privileged accounts and credentials are being created all the time so it’s important to put a program in place that can adapt to new initiatives – including the adoption of Cloud, DevOps, RPA and SaaS – and grow with your company.


For us, creating a mature privileged access management program should be built upon these three guiding principles:


  • Preventing Credential Theft – Prevent theft of critical credentials like IaaS admins, domain admins or API Keys by implementing session isolation, removing hard-coded credentials, and employing theft detection and blocking strategies.

  • Stopping Lateral and Vertical Movement – Most attackers use their first infiltration as a jumping off point to pivot to high-value data or assets. Break this attack chain by enforcing credential boundaries, just-in-time access and credential randomization.

  • Limit Privilege Escalation and Abuse – Another key strategy for attackers is to work to increase their privileges – limit this by implementing strong least privilege strategies, behavioral analytics, and adaptive response.


How has the current landscape of remote work and the rise in digital transformation initiatives impacted PAM adoption?

It seems like there is a high-profile data breach in the news every single day. Whether it’s rogue employees like the recent Shopify breach or attackers exploiting privilege credentials in the case of Twitter, it is clear that organizations are still struggling with how best to secure privileged access to sensitive systems and data.


On top of that, the current landscape has led to a rapid increase in remote work where employees – many with privileged access – are working from insecure home networks, leaving the workforce more exposed than ever before. Since workstations represent the start of the attack chain, it’s critical to ensure least privilege is enforced (i.e. ensuring a user only has the privileges they need to perform their task and no more) across all workstations and credential theft blocking technology is enabled.


Further, many organizations are accelerating their adoption of cloud services and platforms to help with business continuity – leaving security teams shifting focus to secure these new environments. Privileged access management forms a key aspect of an organization’s cloud defense strategy due to the ranging levels of privileged access these systems require.


It’s because of this that Privileged Access Management is an even more critical piece to an organization’s overall cybersecurity strategy and strategic risk management initiatives and why the Privileged Access Management market continues to grow with no signs of slowing down.



©2020 by Enterprise Security Tech