{"id":3530,"date":"2018-10-18T14:06:48","date_gmt":"2018-10-18T18:06:48","guid":{"rendered":"https:\/\/solutionsreview.com\/identity-management\/?p=3530"},"modified":"2021-04-06T13:27:30","modified_gmt":"2021-04-06T17:27:30","slug":"3-privileged-access-management-questions-you-must-answer","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/identity-management\/3-privileged-access-management-questions-you-must-answer\/","title":{"rendered":"3 Privileged Access Management Questions You Must Answer"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-3375 size-full\" title=\"3 Privileged Access Management Questions You Must Answer\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD.jpg\" alt=\"3 Privileged Access Management Questions You Must Answer\" width=\"800\" height=\"425\" srcset=\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD.jpg 800w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD-300x159.jpg 300w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD-768x408.jpg 768w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD-545x290.jpg 545w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD-508x270.jpg 508w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD-152x81.jpg 152w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD-339x180.jpg 339w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Here\u2019s a hypothetical scenario to consider: what would happen to your enterprise\u2019s network if an external hacker or an insider threat obtained the <a href=\"https:\/\/solutionsreview.com\/identity-management\/privileged-access-credentials-identity-automation\/\" target=\"_blank\" rel=\"noopener\">privileged credentials<\/a> of one of your super users? <\/span><\/p>\n<p style=\"text-align: justify\"><div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"iam-inject\" href=\"https:\/\/suggestionengine.solutionsreview.com\/buyer\/signup\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" title=\"\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2021\/02\/Identity_Suggestion_Engine_Horiz_800.gif\" alt=\"IAM Solution Suggestion Engine\" width=\"800\" height=\"100\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">If you shuddered when you thought of such events coming to pass, don\u2019t worry. It\u2019s a normal reaction. It proves you are still sane.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">After all, what couldn\u2019t a hacker do after subverting your privileged access management protocols or solution? Stolen privileged access credentials can cause untold damage to your enterprise. Hackers could use them to steal proprietary digital assets and data without raising alarms, reconfigure your entire environment network, subvert your business processes or financial payments&#8230;and that list just scratches the surface. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Yet despite the potential severity of stolen privileged credentials, according to the 2018 Verizon Data Breach Investigations Report, 80% of all enterprise-level data breaches include stolen or weak privileged accounts. Once hackers have used these credentials there is a nearly 70% chance they will remain undetected, causing damage to the victim enterprise for months. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">How can your enterprise prevent these horrible scenarios from coming to pass? The first step is to answer these 3 privileged access management questions&#8230;and acting on your honest answers. \u00a0\u00a0\u00a0<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Who Has Privileged Access In your Enterprise? \u00a0<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">This is one of those seemingly easy privileged access management questions proving much harder to answer the more you investigate it. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Privilege creep can result in users having permissions they no longer need as they move throughout roles in your enterprise. Additionally, discrepancies in the onboarding process can bestow unnecessary access. This means your ordinary users might have privileges unknown to your security teams (and even to them)&#8230;and which can prove devastating if they end up in the wrong hands. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">According to Thycotic, 70% of enterprises fail to discover all of the privileged accounts in their networks. 40% never bother to look in the first place. If you plan on gaining more control over your privileged accounts, you need to find these privileged accounts and either remove those permissions or make sure they are properly secured. \u00a0\u00a0\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">This also means figuring out how many orphaned accounts\u2014accounts lingering on the network without active users associated with them\u2014are hidden on your network. These can also be stolen or otherwise abused, with the added issue of being harder to detect since there is no normal user observing them. \u00a0\u00a0<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>What Access Do Your Privileged Credentials Have? <\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Among other <a href=\"https:\/\/solutionsreview.com\/identity-management\/the-32-best-identity-and-access-management-platforms\/\" target=\"_blank\" rel=\"noopener\">privileged access management<\/a> questions, this one might seem contradictory. Shouldn\u2019t your privileged users have privileges? <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Much like the question above, this query becomes more complicated the more you look into it. Not all superusers are or should be created equal in terms of digital permissions. Instead, your enterprise should look to enforce the principle of least privileges throughout all of your users\u2019 identities. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The principle of least privileges dictates users should have the least amount of permissions possible. Ideally, superusers should only have the access they absolutely need to accomplish their daily tasks. The superusers associated with your HR department should not have access to your financial department\u2019s databases, as just one example. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Your security team should look at the permissions of each of your privileged users, remove the privileges they do not need, and severely limit temporary permissions when granted. \u00a0\u00a0\u00a0<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>What Privileged Access Management Tools Do You Have?<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Legacy solutions are inadequate to handle the demands of modern enterprise\u2019s users and privileges. Your enterprise needs a next-generation solution. There is no way around it.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">According to One Identity, 31% of enterprises use outdated or manual methods like pen and paper to manage their superuser\u2019s credentials. But writing down passwords invites the unscrupulous to steal passwords or for those passwords to end up in the wrong hands. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Investing in cybersecurity is a hurdle many enterprises still struggle with; it can be hard to invest in something so abstract. Yet it isn\u2019t truly abstract. Only be answering these <a href=\"https:\/\/solutionsreview.com\/identity-management\/10-best-privileged-access-management-platforms-2018\/\" target=\"_blank\" rel=\"noopener\">privileged access management<\/a> questions can you survive in the modern digital marketplace. \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"iam-inject\" href=\"https:\/\/suggestionengine.solutionsreview.com\/buyer\/signup\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" title=\"\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2021\/02\/Identity_Suggestion_Engine_Horiz_800.gif\" alt=\"IAM Solution Suggestion Engine\" width=\"800\" height=\"100\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Here\u2019s a hypothetical scenario to consider: what would happen to your enterprise\u2019s network if an external hacker or an insider threat obtained the privileged credentials of one of your super users? If you shuddered when you thought of such events coming to pass, don\u2019t worry. It\u2019s a normal reaction. It proves you are still sane. [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":3375,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[5],"tags":[142,125,16,112,76,145,124,91,123,90,25],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>3 Privileged Access Management Questions You Must Answer<\/title>\n<meta name=\"description\" content=\"The first step to identity security is to answer these 3 privileged access management questions...and acting on your honest answers. \u00a0\u00a0\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/identity-management\/3-privileged-access-management-questions-you-must-answer\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/3-privileged-access-management-questions-you-must-answer\/\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/3-privileged-access-management-questions-you-must-answer\/\",\"name\":\"3 Privileged Access Management Questions You Must Answer\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/3-privileged-access-management-questions-you-must-answer\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/3-privileged-access-management-questions-you-must-answer\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD.jpg\",\"datePublished\":\"2018-10-18T18:06:48+00:00\",\"dateModified\":\"2021-04-06T17:27:30+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"The first step to identity security is to answer these 3 privileged access management questions...and acting on your honest answers. \u00a0\u00a0\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/3-privileged-access-management-questions-you-must-answer\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/identity-management\/3-privileged-access-management-questions-you-must-answer\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/3-privileged-access-management-questions-you-must-answer\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD.jpg\",\"width\":800,\"height\":425,\"caption\":\"Top-Tier Password Best Practices for World Password Day 2021\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/3-privileged-access-management-questions-you-must-answer\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/identity-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"3 Privileged Access Management Questions You Must Answer\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/\",\"name\":\"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, &amp; Services\",\"description\":\"Identity Access Management (IAM) News, Best Practices and Buyer&#039;s Guide\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"3 Privileged Access Management Questions You Must Answer","description":"The first step to identity security is to answer these 3 privileged access management questions...and acting on your honest answers. \u00a0\u00a0","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/identity-management\/3-privileged-access-management-questions-you-must-answer\/","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/identity-management\/3-privileged-access-management-questions-you-must-answer\/","url":"https:\/\/solutionsreview.com\/identity-management\/3-privileged-access-management-questions-you-must-answer\/","name":"3 Privileged Access Management Questions You Must Answer","isPartOf":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/identity-management\/3-privileged-access-management-questions-you-must-answer\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/identity-management\/3-privileged-access-management-questions-you-must-answer\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD.jpg","datePublished":"2018-10-18T18:06:48+00:00","dateModified":"2021-04-06T17:27:30+00:00","author":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"The first step to identity security is to answer these 3 privileged access management questions...and acting on your honest answers. \u00a0\u00a0","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/identity-management\/3-privileged-access-management-questions-you-must-answer\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/identity-management\/3-privileged-access-management-questions-you-must-answer\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/3-privileged-access-management-questions-you-must-answer\/#primaryimage","url":"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD.jpg","contentUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/07\/privileged-access-management-MOD.jpg","width":800,"height":425,"caption":"Top-Tier Password Best Practices for World Password Day 2021"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/identity-management\/3-privileged-access-management-questions-you-must-answer\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/identity-management\/"},{"@type":"ListItem","position":2,"name":"3 Privileged Access Management Questions You Must Answer"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/identity-management\/#website","url":"https:\/\/solutionsreview.com\/identity-management\/","name":"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, &amp; Services","description":"Identity Access Management (IAM) News, Best Practices and Buyer&#039;s Guide","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/3530"}],"collection":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/comments?post=3530"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/3530\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media\/3375"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media?parent=3530"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/categories?post=3530"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/tags?post=3530"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}