Tag: PAM

Privileged Account Management Is Critical in the Cloud

Cloud Security
The move to the cloud began in earnest in 2007, as organizations looked for ways to cut capital expenses during the Great Recession. Fast-forward a decade, and the cloud is more popular than ever. According to a recent survey by LogicMonitor, 68 percent of workloads are running in public, private, or hybrid clouds, and that number will increase to...

Privileged Account Risk Begins at the Workstation Level

Local Admin Risk
At Clango, our CyberArk consultants and engineers are often asked, “What constitutes a privileged account?” Many people who ask that question are surprised by the answer. There’s a common misconception that privileged accounts are only those that enable the highest levels of administrator access — for example, domain controller credentials in a Microsoft environment. However, any admin rights, even...

What Is Privileged Session Management and Why Is It Important?

PSM
The critical first step in privileged account management (PAM) is to identify, consolidate, and lock down privileged credentials so only authorized users have access to them. However, this is only the first step. To be effective, PAM should include privileged session management as well as credential protection. Privileged session management is a security control involving the monitoring and recording...

Data Manipulation: A More Troubling Problem than Data Theft

PAS
Many people are concerned about the theft of sensitive information, and rightfully so. According to the 2016 Identity Fraud study by Javelin Strategy and Research, identity theft cost U.S. consumers $15 billion in 2015. Businesses also fall victim to identity theft, to the tune of $221 billion worldwide each year. But a more insidious data security problem is gaining...

Why the IoT Needs IAM, Part 2: The Complexity of Controlling Access

DDOS
In a previous post Why the IoT Needs IAM, Part 1: Rise of the Botnets, we discussed the growth of the Internet of Things (IoT) and the enormous attack surface created by billions of Internet-connected devices. Many of these devices have been recruited into botnet armies that are used to launch distributed denial of service (DDoS) attacks. Others are...

Automation Helps Meet Regulatory Requirements for Privileged Accounts

Automation
Privileged account security has become a focal point of many government and industry regulations. Take, for example, the latest version of the Payment Card Industry Data Security Standard (PCI-DSS), which mandates security practices and controls that must be implemented by organizations that store, process, or transmit payment card data. PCI-DSS 3.2 requires that organizations change vendor-default passwords for privileged...

Overcoming the Operational Obstacles to Privileged Account Security

Clango
Privileged account management is one of the most critical components of any enterprise security strategy. Cybercriminals prize privileged account credentials because they provide administrator-level access to servers, security systems, network devices, databases, applications and other resources. If hackers are able to obtain the “keys to the kingdom,” they gain virtually unfettered access to an organization’s systems and data. Best...