Legacy PAM is not enough for the modern attack surface.
Legacy Privilege Access Management (PAM) has been around for decades and was designed back in the day when ALL of your privileged access was constrained to systems and resources INSIDE your network. The environment was Systems Admins with a shared “root” account that they would check out of a password vault, to access a server, a database or network device. Legacy PAM served its purpose.
However, today’s environment is different, privileged access not only covers infrastructure, databases and network devices but is extended to cloud environments, it includes big data projects, it must be automated for DevOps, and it now needs to cover hundreds of containers or microservices to represent what used to be a single server. In addition, Advanced Persistent Threats (APTs) create a growing and changing risk to organizations’ financial assets, intellectual property and reputations. Expanding access and obtaining credentials is an essential part of most APTs, with privileged access being the crown jewels. Forrester stated that “80% of security breaches involve privilege credentials.”1
1 The Forrester Wave: Privileged Identity Management, Q3 2016