In 2021, more than ever, the protection of corporate assets requires special vigilance, especially with respect to high-privileged access. Exposure to these resources has been heightened since the onset of the worldwide pandemic and the subsequent increase in telecommuting for most employees. In fact, auditors are paying more and more attention to privileged access during their inspections while hackers, too, are on the lookout for them.
Ensuring the legitimacy of these accounts and their owners has become a top priority. Discover why and how to guard against too much elevation of power.
What are the issues raised by the use of privileged accounts within organizations?
On average, there are three times as many privileged accounts as employees in a company. Digital transformation and the resulting increase in the hybrid approach which combines cloud and on-premise systems have led to a proliferation of privileged accounts.
Take the example of application, technical, service and administration accounts. If they are essential to the functioning of a company, their level of sensitivity requires the identities that have access to them to be controlled using the principle of least privilege, meaning granting each identity only the authorizations that are necessary to do his or her job. This is becoming a top priority as computer attacks are more prevalent and attempt to take control of privileged accounts.
Whether it is to preserve the security of its resources or to meet compliance requirements, controlling all privileged accounts within a company has become a fundamental prerequisite.
How does this translate into practice regarding the security tools in Brainwave GRC’s sector of activity?
More and more companies are equipping themselves with security tools such as Privileged Account Management, or PAM, solutions which have quickly become imperative in assigning and securing privileged access.
These solutions address two major issues:
- to identify all the resources associated with these high-privileged accounts (infrastructure, applications, unstructured data and cloud services) and define the security strategy, and
- to verify on a regular basis that the current authorizations comply with the company’s security and governance policies and that each user is an approved owner of these privileged accounts.
Addressing this dual challenge can be time consuming and tedious. We recently asked our customers about this. They shared three key requirements with us based on their need to:
- expand the scope of the PAM solution by making it easier and quicker to secure more resources,
- simplify the identification of risks related to each privileged account and to rank and prioritize them according to their degree of sensitivity, and
- ensure continuous monitoring of repositories like Active Directory security groups to prevent drift.
How does Brainwave GRC’s product offering respond to these challenges?
As a specialist in Identity Analytics for over 10 years, Brainwave GRC has designed a comprehensive service to accurately analyze all highly-privileged accounts in addition to verifying the identities accessing these accounts and determining compliance.
To address the issues raised by our customers, we recently launched a new product, Privileged Governance Services. Our goal is to accelerate the implementation of PAM solutions, especially for companies using the market-leading solution proposed by CyberArk.
Privileged Governance Services is aimed at both CISOs and PAM program managers. Our new offering allows them to:
- have complete visibility into all available accounts, including privileged accounts, and be able to document them,
- understand the identity context and automatically verify the validity of their accesses,
- specify the privileged accounts to be protected in the CyberArk solution and plan their security in the PAM solution,
- detect risky situations and benefit from an automated control and compliance plan for access rights, and
- receive reporting about compliance.
In conclusion, using Barinwave’s Privileged Governance Services provides organizations with a comprehensive, effective and efficient tool that ensures the principle of least privilege.