databases, middleware and applications to (数据库、中间件和应用程序).pdf
文本预览下载声明
Home
Market Guide for Privileged Access Management
Establishing controls around privileged access continues to be a focus of attention for organizations and auditors. IAM
and security leaders must be prepared to secure, manage and monitor privileged accounts and access. A thriving
market provides many options for tools to help with these tasks.
Key Findings
Prevention of both breaches and insider attacks has become a major driver for the adoption of privileged access
management (PAM) solutions, in addition to compliance and operational efficiency.
The PAM market continues to see strong growth across the board, with new players entering the market.
Total cost of ownership for PAM products is highly variable and depends on many factors that are not obvious from
initial proposals by vendors.
Adoption of PAM products by organizations is often partial, leaving gaps that translate to risk.
Product differentiators include Active Directory (AD) to Unix/Linux bridging, builtin high availability, multitenancy,
privileged usage and threat analytics, SSH key management, and OCR session transcription.
Recommendations
IAM and security leaders:
Do not overlook nonhuman service and application accounts – major sources of operational and security risk.
Ensure a sustainable and failsafe solution, and scrutinize vendors highavailability and disaster recovery features,
as well as dependencies on external components such as RDBMS.
Mind the gaps: a partial implementation of PAM tools will leave vulnerabilities and, thus, still leave you exposed.
Engage administrative users early. Sell them on the idea that they will have more control over the systems.
Compare mixed offerings from multiple vendors against comprehensive suites. Adding thirdparty capabilities such
as privileged session management (PSM) can sometimes offer a more suitable solution at a lower price than a
suite offering.
Strategic Planning Assumption
显示全部