ISO/IEC 27001:2013-02

centrify-mapping-to-iso27001-controls.jpg

How to Improve Your Compliance Posture with Identity-Centric PAM

In an era when cyber-attacks have become common occurrences, it’s vital for organizations to improve their cyber resilience and implement a robust cybersecurity framework. In this context, a variety of government entities, oversight agencies, and industry standards bodies have created guidelines to strengthen their constituents’ security posture and provide prescriptive measures to defend against today’s cyber threats.

One of these guidelines is ISO/IEC 27001:2013-02, which was prepared by the Joint Technical Committee of the International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC). It’s designed for organizations to use as a reference for selecting and establishing effective security controls in the process of implementing an Information Security Management System (ISMS) or simply as a guidance document for organizations implementing commonly accepted information security controls.

Ultimately, protecting data remains the most critical security concern for compliance and risk management personnel, as insider and external threats to confidential information is increasing every year at an alarming rate. According to estimates from Forrester Research, 80 percent of today’s data breaches involve stolen, weak, default, or otherwise compromised privileged credentials. Thus, organizations need to emphasize proper privileged access management practices when constructing their cyber defense strategy.

Centrify Identity-Centric Privileged Access Management (PAM) enables organizations to consolidate identities, deliver cross-platform least privilege access, and control shared accounts while securing remote access and auditing all privileged sessions. In turn, Centrify helps address many of the recommendations outlined in ISO/IEC 27001:2013-02.