BeyondTrust released the results of a study it commissioned from Forrester Consulting, titled “Evolving Privileged Identity Management (PIM) In the Next Normal,” November 2020. The study was commissioned to evaluate PIM challenges in the “new normal” created by the COVID-19 pandemic.
The COVID-19 pandemic imposed an immediate and massive shift to a remote workforce. This created new vulnerabilities by expanding organizations’ attack surfaces. The pandemic has created a situation where virtually all remote employees need privileged access to perform their jobs and has hastened the “identity as the new perimeter” paradigm.
This survey uncovers the requirements for creating a secure remote workforce that protects the business with PIM in the post-COVID era. Key findings include:
“The findings of this global survey confirm the fact that the pandemic has accelerated the borderless enterprise and brings identity to the forefront of the new perimeter,” states Morey Haber, CTO and CISO at BeyondTrust. “To protect their assets, enterprises must secure their data throughout their IT estate. This requires comprehensive PIM solutions that enable uncompromised access to applications and data from anywhere, by any user or device.”
The definition of who requires privileged access can no longer be reserved for IT administrators; it must include use cases related to remote working. Having robust access controls allows employees to conduct their jobs wherever they are, without incurring risk. PIM strategies must go beyond traditional password management and take a holistic approach that includes endpoint privilege management and secure remote access.
Privileged users are critical to the operations of digital business, yet they also present a substantial security risk. Organizations need effective PIM controls to limit the attack surface while enabling regular business operations. The survey results point to the following best practices:
The rapid increase in the need for privileged access by remote workers will open many security holes and lead to compliance violations. To avoid this, set up tools and processes to discover and categorize privileged users and activities to determine appropriate access rights. Apply security controls that best fit the needs of various privileged user types and situations.
Traditional PIM tools don’t effectively meet the rules and governance of privileged users. Evolve and expand your solutions to secure changing environments and attack surfaces.
Adhere to the principle of least privilege (POLP) by granting privileged users just enough access to resources, and just enough permissions to perform actions required for their jobs.
Privileged access must be agile within business areas that have a high rate of change and where personnel or machine identities must access resources. Limiting access to time-bound requests with context-aware workflows for approval removes standing access while enabling the business to move forward.
Make the authentication and access request process as frictionless as possible. Employ unobtrusive security controls, like session monitoring and threat detection, that run in the background and alert you to high-risk activities.
Malicious actors target privileges to gain access to and move laterally throughout an organization. Comprehensive PIM tools and approaches will help protect your enterprise. A holistic PIM solution will provide full visibility of threats across the privileged landscape. An integrated platform will provide consistent administration, reporting, and response capabilities.