PAM in 2019: Organizations Need Greater Visibility and More Granular Control


Gartner’s Identity and Access Management (IAM) Summit was held Dec. 3-5 in Las Vegas, giving security pros an opportunity to discuss how the IAM landscape is evolving. Not surprisingly, privileged access management (PAM) was a focal point of the event. Organizations are struggling to implement effective PAM processes in light of growing numbers of users and devices, both internal and external. Many lack visibility into all privileged accounts across the extended enterprise, creating blind spots that can threaten security.

Also, user roles and access requirements are constantly shifting, making it difficult for IT teams to identify insider threats and control risky user behavior. This challenge is exacerbated by PAM policies that assign privilege based on static roles rather than actual access requirements.

To reduce these risks, organizations should minimize the overall number of privileged accounts and limit administrator remote access to critical systems. However, experts at the IAM Summit acknowledged this can be tricky, as users need access to perform their job functions. Organizations must strike a critical balance between efficiency and privileged account security, which requires a more granular approach to PAM.

To implement a more effective PAM strategy for your organization, turn to CyberArk’s Core Privileged Access Security platform. CyberArk not only protects privileged credentials in the Enterprise Password Vault but enables the just-in-time access approach that Gartner recommends as a complement to traditional role-based and access-based controls. Organizations can give users access to privileged credentials without revealing passwords and can regularly rotate passwords and other “secrets” without negatively impacting production environments.

CyberArk also gives organizations visibility into their privileged accounts across on-premises, cloud, and DevOps environments. The Discovery & Audit (DNA) scanning tool discovers privileged passwords, SSH keys, and more, and generates both technical and executive reports on risks to the organization. Clango uses DNA to conduct periodic scans on behalf of our customers and helps them interpret the results and develop remediation plans.

The Core Privileged Access Security platform also features two additional tools for identifying and tracking privileged access:

  • Privileged Session Manager monitors privileged account activity in real time, down to the keystroke level, and maintains an audit trail that cannot be tampered with. Authorized users can view privileged sessions and remotely suspend or terminate any that look suspicious.
  • Endpoint Privilege Manager automatically locates and removes local administrator rights, reducing the risk of credential theft and privilege escalation attacks. Users can gain elevated privileges as needed for authorized tasks, giving organizations greater control over endpoints without hampering productivity.

Clango’s CyberArk Certified Delivery Engineers have the knowledge and experience to help you take full advantage of these solutions. We also offer managed services focused on the CyberArk platform and have developed a suite of tools that enhance the value of CyberArk through customization and integration with other systems.

PAM isn’t getting any easier. In fact, it’s becoming increasingly complex as organizations grapple with increasing numbers of privileged accounts and static policies and procedures that do not adequately address the pace of change. CyberArk has been named a leader in the 2018 Gartner Magic Quadrant for Privileged Access Management, rated highest in execution and furthest in vision. Let us help you take advantage of the CyberArk platform to enhance your PAM strategy in 2019 and beyond.


For more information about Privileged Account Management, please send us an email at (

Comments Closed.