PAM (Privileged Access Management)
Let’s talk about PAM, and no, I am not talking about the beloved cooking spray. I am talking about PAM: Privileged Access Management. Many define this as a technology that controls elevated or privileged access permissions for users, service accounts, processes, and systems within the IT ecosystem. To put this in terms of why we would need it: we have all seen cyber insurance forms, compliance requests, contractor self-attestations, etc. These forms commonly ask how your company is handling least-privilege access.
What can I do with a PAM to apply the principle of least privilege, you may ask? That comes down to restricting permissions to the minimum level a user or program needs to perform its tasks. It has become a great way to protect against cybersecurity threats.
What can PAM do at a practical level of an organization?
The simple answer: it prevents mistakes or malicious actions from happening, because the user, service account, or application cannot run a given function without approval.
What are the capabilities to look for in your PAM?
- Integration – Improving user workflow by centralizing access
- Automation – Remove manual tasks with an automated process
- Role-based access control – Restrict network access to authorized users based on their role
- Auditing – Records and monitors privileged session activity
- Compliance – Help your organization achieve its cybersecurity goals
- Easy – It should be user-friendly to streamline the process
What does this mean for you and your staff?
It is a pretty simple question, yet it brings a rather large change to day-to-day operations within a network. You may have heard your IT team say they need to prevent users from installing senseless applications on machines. In most small to medium businesses, most users are configured with administrative rights on the local machine, giving them a great level of autonomy to install and update anything they want. But if you think about it, this is where most mistakes occur and breaches happen. If a user can no longer run an executable that has not already been approved to run on their machine, they need to send in a request for approval.
What does this mean for management?
Well, you need a defined procedure for which applications are and are not approved for staff to perform their duties. If they are putting in a request to download uTorrent or Spotify on a work machine, most likely this is not something you want happening inside your business. Having this process gives the IT security team a workflow to follow for approvals.
Do the requests ever end?
Short answer: no, not really. Users are always going to install new things on their workstations. It is not that they are doing this maliciously; it comes from need and want rather than from what is safe or required. With a properly configured PAM solution, handling hundreds of users and their requests can be incredibly manageable. It is better to take control of the situation than to let your network become the wild west of your users.
Implementing a PAM solution is an efficient method to control permissions within your network. It gives you better auditing and insight into what transpires at the user and machine access level, and it reduces the risk of over-privilege and poor offboarding, preventing security holes. At the end of the day, it is about protecting your business.