Rethink cyber security with privileged access management

Privileged access management (PAM) is the hot button cyber security topic for Mark de Simone, vice president of international sales and business development at WALLIX Group. De Simone participated in Altron Systems Integration’s Cyber in the City virtual event in November 2020, and he noted that while the concept is still only gaining traction in the South African market, it is an important new approach in tackling modern day compliance, cyber security, data theft and leaks, and credentials theft challenges.

The approach solves the problem of insider threats and of outsiders gaining access to systems and data via stolen admin credentials. WALLIX describes PAM as the granting of conditional administrative access privileges to critical systems to only a few key, trusted people who need it to do their jobs. Only these privileged super-users will be able to change system configurations and user accounts, or access secure data. PAM does not imply a free-for-all for these users though: this trusted access is controlled, monitored and time limited.

A PAM approach allows organisations to transition from a traditional approach to cyber security based on infrastructure, firewalls, antivirus software, and physical and perimeter security to one based on what people do and how they interact with secrets and information, says De Simone. This logical approach to security centres on access management, endpoint solutions and identity management. The shift in approach has been accelerated by the COVID-19 pandemic: as organisations rapidly moved to support working from home, it became clear that different users needed different flavours of remote access and protection.

Privileged super-users refer to several distinct groups of people. First, the IT supervisors who require admin access to do their jobs. A second group of privileged users are part of the business leadership, including CEOs, CFOs, treasurers, and anyone else needing access to highly confidential intellectual property and company information. And a third group are the people who maintain technical systems. Any company needing maintenance on their technical systems requires specialists to enter the information systems, complete the maintenance work, and then exit without company passwords.

PAM enables three critical safety measures for these super-users who need regular access to the company’s digital crown jewels:

Proxy passwords that are linked to specific user profiles and regularly rotated. This means that the actual passwords protecting critical data, systems and applications are never at risk.
Super-users are granted specific privileges for specific applications for discrete sessions. And within each super-user session, actions are recorded and tracked to enable immediate flagging and prevention of any illegal or undesired activities.
Remote access is via a proxy website, which keeps the connection safe and monitored even in the absence of a VPN or if the person is using a non-company device.
De Simone predicts that the demand for PAM is set to explode, with increasing digitalisation requiring organisations of all types—notably hospitals and factories, for instance—to allow remote third parties access to their corporate networks to support their operations. As organisations get bigger and more complex, it is possible that there may be more users requiring privileged access than there are employees: consider contractors, remote workers, and automated users. Further, he says that while we often think of the risk of cybercrime in financial and reputational terms, today it extends to every facet of our lives. Digitalised utilities and other services mean our water, power, transport and other essential services could be disrupted due to cybercrime. With security only as strong as its weakest link, PAM services could enable smaller companies to bid for large contracts, and be able to demonstrate their cyber security credentials.

Mark de Simone joined an expert panel at Altron Systems Integration’s Cyber in the City event to discuss business-led security and how companies can adapt to a changing security landscape. Find out more at www.cyberinthecity.co.za and if you missed out on the event, watch the recording here https://youtu.be/lIKIWb9exqk.