UP TO 50% OFF on Combo Courses!

Securing Next Generation Technologies through Privileged Access Management – PAM

ethical hacking course

Technology advancements has led to huge interest in NGTs (next-generation technology), like digital transformation (DX), DevOps, cloud, AI and IoT. These technologies are leading to a bright future increasing efficiencies, greater business agility, better customer engagement and cost savings. However we cannot ignore the dark side of it: security breach. There are gigantic business costs that result from security breaches like lost productivity, loss of reputation, monetary damages, and compliance penalties

A study shows that, more than half the time, these breaches occur due to inappropriate actions of trusted users.

This is where Privileged Access Management comes into play especially if an organization is growing. Today, it’s too easy for attackers to obtain domain admin’s account details and it’s difficult to discover these attacks. The goal of PAM is to reduce opportunities for hostile users to get access, while increasing am organization’s control and awareness of the environment.

A PAM system offers a secure and efficient way to authorize and supervise all privileged users for all relevant systems. Following are the five best practices of PAM which should be implemented to ensure optimum level of security.

  1. Discover and audit privileged access accounts on a continuous basis. This should include a thorough evaluation of all accounts currently being used across physical, virtual, and cloud environments.
  2. Segment Network to have more control over access to sensitive data and to prevent malicious traffic from establishing a communication channel within your network, thereby reducing the likelihood of a successful attack.
  3. A strict governance of shared secrets and hard-coded passwords play a vital role in limiting the effects of data breaches.
  4. Grant access only when it’s needed and enforce least privilege and suitable credential usage.
  5. Scrutinize vulnerabilities and configuration compliance to minimize risk and identify security weaknesses.

Author – Jaya Kalwani
Independent Consultant

Cultivating a CISSP Mindset 10 Questions to Elevate Your Expertise