{"id":3486,"date":"2018-09-04T11:59:43","date_gmt":"2018-09-04T15:59:43","guid":{"rendered":"https:\/\/solutionsreview.com\/identity-management\/?p=3486"},"modified":"2018-11-08T12:02:29","modified_gmt":"2018-11-08T16:02:29","slug":"privileged-access-management-just-privileged-credentials","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/identity-management\/privileged-access-management-just-privileged-credentials\/","title":{"rendered":"Privileged Access Management is More than Just Privileged Credentials"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-3375 size-full\" title=\"Privileged Access Management is More than Just Privileged Credentials\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD.jpg\" alt=\"Privileged Access Management is More than Just Privileged Credentials\" width=\"800\" height=\"425\" srcset=\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD.jpg 800w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD-300x159.jpg 300w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD-768x408.jpg 768w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD-545x290.jpg 545w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD-508x270.jpg 508w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD-152x81.jpg 152w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD-339x180.jpg 339w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">We speak with no hyperbole when we say privileged access management (PAM) is one of the most crucial aspects of any enterprise\u2019s digital identity platform and strategy. Research indicates stolen or weak privileged credentials account for around 80% of all enterprise data breaches. Access creep in your privileged accounts could render your entire network vulnerable and porous. Moreover, poor privileged access management can increase the risk of insider threats as average employees obtain credentials above their job descriptions. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Your <a href=\"https:\/\/solutionsreview.com\/identity-management\/privileged-access-credentials-identity-automation\/\" target=\"_blank\" rel=\"noopener\">privileged access<\/a> credentials serve as the keys to your enterprise. Yet privileged access management is about more than just credentials. Your enterprise\u2019s identity security may hinge on understanding this. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Why is this the case?<\/span><\/p>\n<div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"iam-inject\" href=\"https:\/\/solutionsreview.com\/identity-management\/get-a-free-privilieged-access-management-solutions-buyers-guide\/\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" title=\"\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2020\/01\/PAM_BG_SB_800.gif\" alt=\"Download Link to Privileged Access Management Buyer's Guide\" width=\"800\" height=\"100\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div>\n<h3 style=\"text-align: justify\"><b>Privileged Credentials For Sale<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Unfortunately, security experts are facing a new reality concerning identity security and cybersecurity overall: the hackers can find the data they need easily. The proliferation of enterprise-level data breaches, repeated or weak privileged credentials, and other poor identity security practices combine to make stolen credentials available for cheap. According to cybersecurity solution provider McAfee, the privileged credentials for an airport security system sold on the Dark Web for only $10. Privileged access account information for over 1 million UK law firm staff members was also for sale. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">In other words, if a hacker or insider threats wants into your network via credentials, they can find a way without even implementing a phishing scam. But privileged access management is not a lost cause. Far from it, in fact. According to identity and access management solution provider Centrify, C-Level executives can improve their identity security by rethinking and reformatting their strategies.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">How? \u00a0<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Privileged Access Management for the New Age<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The real issue at the heart of so many data breaches appears to be single-factor authentication. This system relies on passwords\u2014notoriously insecure and much reviled by users\u2014as the sole means of an enterprise\u2019s identity security. However, with identity rapidly becoming the new IT perimeter, this will simply not do. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Instead, here are some privileged access management strategies for the new age. Keep in mind this list isn\u2019t an extensive list nor does every strategy fit with every enterprise\u2019s identity security needs: <\/span><\/p>\n<h4 style=\"text-align: justify\"><b>Implement Zero Trust Security<\/b><\/h4>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Zero Trust Security has at its core a simple foundation: entering a privileged credential isn\u2019t enough to verify a users\u2019 identity. Instead, it draws identity information from device validation and behavioral analysis. This behavioral analysis can be as straightforward as using their typical work behavior as a baseline for future activity to monitoring their typing habits to look for discrepancies. Under zero trust security, nothing and no login is trusted. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Zero Trust Security is related to\u2026<\/span><\/p>\n<h4 style=\"text-align: justify\"><b>Implement the Principle of Least Privilege<\/b><\/h4>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">No idea in modern privileged access management is as pervasive or as influential as the principle of least privilege. Under this system, every user (including super users) only has the access entitlements they absolutely need to perform their job functions. If users need special permissions for certain projects, those permissions are only granted by the security team, on a timed basis, and are thereafter revoked. In other words, your HR department\u2019s privileged accounts shouldn\u2019t be able to access the financial department\u2019s sensitive databases. \u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The principle of least privileges operates at the intersection of PAM and identity governance and administration in preventing access creep. By doing so, even stolen privileged credentials can only cause so much localized damage instead of a devastating enterprise-wide attack.<\/span><\/p>\n<h4 style=\"text-align: justify\"><b>Multifactor Authentication<\/b><\/h4>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Two-factor authentication and multifactor authentication are perhaps the most stable and sensible defenses enterprises have against privileged credentials theft. Making your security less dependant on passwords is always a positive step forward, and the more layers you can put on your identity security the better.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The factors in two factor or multifactor authentication can include biometric factors\u2014physiological factors like fingerprints or behavioral factors like typing patterns\u2014device recognition, a hard token, a pin number, and geofencing in addition to privileged credentials. The idea is to combine something known like a password with something the user has such as a token. Hackers may easily get their hands on one, but not the other&#8230;hampering their efforts. \u00a0\u00a0<\/span><\/p>\n<h4 style=\"text-align: justify\"><b>Don\u2019t Allow Password Reuse<\/b><\/h4>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">In so far as this is possible, don\u2019t allow your employees and your super users to use the same passwords as they use for other accounts. The more your super users user their privileged credentials outside your enterprise network, the more vulnerable they are to being stolen in an unrelated breach. This can be a difficult mandate to enforce, but well worth the effort. \u00a0\u00a0\u00a0<\/span><\/p>\n<h4 style=\"text-align: justify\"><b>Close Orphaned Accounts<\/b><\/h4>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">When a privileged account user leaves your network under any circumstances, make sure their credentials are removed from the network entirely as part of the off-boarding process. Otherwise, those privileged credentials continue to linger as an orphaned account\u2014an account you can\u2019t monitor because there isn\u2019t a user truly associated with it. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">When you find a privileged access management solution, use it to scan your network for lingering orphaned accounts and shut them down before they fall into the wrong hands. \u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">A data breach can cost your enterprise well over $3 million on average. Getting a handle on your privileged credentials is one\u00a0step in saving that money. The next step is getting a handle on your <a href=\"https:\/\/solutionsreview.com\/identity-management\/10-best-privileged-access-management-platforms-2018\/\" target=\"_blank\" rel=\"noopener\">privileged access management<\/a> overall. \u00a0\u00a0<\/span><\/p>\n<br \/>Widget not in any sidebars<br \/>\n","protected":false},"excerpt":{"rendered":"<p>We speak with no hyperbole when we say privileged access management (PAM) is one of the most crucial aspects of any enterprise\u2019s digital identity platform and strategy. Research indicates stolen or weak privileged credentials account for around 80% of all enterprise data breaches. Access creep in your privileged accounts could render your entire network vulnerable [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":3375,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[5],"tags":[142,125,237,16,112,76,286,188,70,145,124,91,123,90,25],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Privileged Access Management is More than Just Privileged Credentials<\/title>\n<meta name=\"description\" content=\"Your privileged credentials serve as the keys to your enterprise. Yet privileged access management is about more than just credentials.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/identity-management\/privileged-access-management-just-privileged-credentials\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/privileged-access-management-just-privileged-credentials\/\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/privileged-access-management-just-privileged-credentials\/\",\"name\":\"Privileged Access Management is More than Just Privileged Credentials\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/privileged-access-management-just-privileged-credentials\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/privileged-access-management-just-privileged-credentials\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD.jpg\",\"datePublished\":\"2018-09-04T15:59:43+00:00\",\"dateModified\":\"2018-11-08T16:02:29+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"Your privileged credentials serve as the keys to your enterprise. Yet privileged access management is about more than just credentials.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/privileged-access-management-just-privileged-credentials\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/identity-management\/privileged-access-management-just-privileged-credentials\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/privileged-access-management-just-privileged-credentials\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD.jpg\",\"width\":800,\"height\":425,\"caption\":\"Top-Tier Password Best Practices for World Password Day 2021\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/privileged-access-management-just-privileged-credentials\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/identity-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Privileged Access Management is More than Just Privileged Credentials\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/\",\"name\":\"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, &amp; Services\",\"description\":\"Identity Access Management (IAM) News, Best Practices and Buyer&#039;s Guide\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Privileged Access Management is More than Just Privileged Credentials","description":"Your privileged credentials serve as the keys to your enterprise. Yet privileged access management is about more than just credentials.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/identity-management\/privileged-access-management-just-privileged-credentials\/","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/identity-management\/privileged-access-management-just-privileged-credentials\/","url":"https:\/\/solutionsreview.com\/identity-management\/privileged-access-management-just-privileged-credentials\/","name":"Privileged Access Management is More than Just Privileged Credentials","isPartOf":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/identity-management\/privileged-access-management-just-privileged-credentials\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/identity-management\/privileged-access-management-just-privileged-credentials\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD.jpg","datePublished":"2018-09-04T15:59:43+00:00","dateModified":"2018-11-08T16:02:29+00:00","author":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"Your privileged credentials serve as the keys to your enterprise. Yet privileged access management is about more than just credentials.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/identity-management\/privileged-access-management-just-privileged-credentials\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/identity-management\/privileged-access-management-just-privileged-credentials\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/privileged-access-management-just-privileged-credentials\/#primaryimage","url":"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD.jpg","contentUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD.jpg","width":800,"height":425,"caption":"Top-Tier Password Best Practices for World Password Day 2021"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/identity-management\/privileged-access-management-just-privileged-credentials\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/identity-management\/"},{"@type":"ListItem","position":2,"name":"Privileged Access Management is More than Just Privileged Credentials"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/identity-management\/#website","url":"https:\/\/solutionsreview.com\/identity-management\/","name":"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, &amp; Services","description":"Identity Access Management (IAM) News, Best Practices and Buyer&#039;s Guide","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/3486"}],"collection":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/comments?post=3486"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/3486\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media\/3375"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media?parent=3486"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/categories?post=3486"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/tags?post=3486"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}