Privileged access management là gì
What Is Privileged Access?In an enterprise environment, “privileged access” is a term used to designate special access or abilities above and beyond that of a standard user. Privileged access allows organizations to secure their infrastructure and applications, run business efficiently and maintain the confidentiality of sensitive data and critical infrastructure. Show
Privileged access can be associated with human users as well as non-human users such as applications and machine identities. Examples of privileged access used by humans:
Examples of non-human privileged access:
Privileged accounts, credentials and secrets exist everywhere: it is estimated that they typically outnumber employees by three to four times. In modern business environments, the privilege-related attack surface is growing fast as systems, applications, machine-to-machine accounts, cloud and hybrid environments, DevOps, robotic process automation and IoT devices become increasingly interconnected. Attackers know this and target privileged access. Today, nearly 100 percent of advanced attacks rely on the exploitation of privileged credentials to reach a target’s most sensitive data, applications and infrastructure. If abused, privileged access has the power to disrupt business. Notable Security Breaches Involving Privileged AccessOver the past decade, there have been numerous security breaches linked to privileged access abuse. From Terry Childs and Edward Snowden to Yahoo! and the massive breach at the U.S. Office of Personnel Management to the Bangladesh Bank breach and the attack on the Ukraine power grid and even the highly publicized Uber breach – the common denominator in each attack was that privileged credentials were exploited and used to plan, coordinate and execute cyber attacks. What Is Privileged Access Management (PAM)?Organizations implement privileged access management (PAM) to protect against the threats posed by credential theft and privilege misuse. PAM refers to a comprehensive cybersecurity strategy – comprising people, processes and technology – to control, monitor, secure and audit all human and non-human privileged identities and activities across an enterprise IT environment. Sometimes referred to as privileged identity management (PIM) or privileged access security (PAS), PAM is grounded in the principle of least privilege, wherein users only receive the minimum levels of access required to perform their job functions. The principle of least privilege is widely considered to be a cybersecurity best practice and is a fundamental step in protecting privileged access to high-value data and assets. By enforcing the principle of least privilege, organizations can reduce the attack surface and mitigate the risk from malicious insiders or external cyber attacks that can lead to costly data breaches. Key Privileged Access Management ChallengesOrganizations face a number of challenges protecting, controlling and monitoring privileged access including:
Why Is Privileged Access Management (PAM) Important For Your Organization?
Organizations that prioritize PAM programs as part of their larger cybersecurity strategy can experience a number of organizational benefits, such as mitigating security risks and reducing the overall cyber attack surface, reducing operational costs and complexity, enhancing visibility and situational awareness across the enterprise and improving regulatory compliance. Privileged Access Management Best PracticesThe following steps provide a framework to establish essential PAM controls to strengthen an organization’s security posture. Implementing a program that leverages these steps can help organizations achieve greater risk reduction in less time, protect their brand reputation and help satisfy security and regulatory objectives with fewer internal resources.
To explore these best practices in detail, please visit here. Learn More About PAM
Privileged access là gì?Quyền truy cập đặc quyền (Privileged Access) là gì? Trong môi trường doanh nghiệp, “quyền truy cập đặc quyền” là một thuật ngữ được sử dụng để chỉ định quyền truy cập hoặc khả năng đặc biệt cao hơn và bao quát rộng hơn so với người dùng tiêu chuẩn.
Privileged account là gì?Tài khoản đặc quyền (privileged account) là tài khoản người dùng có nhiều đặc quyền hơn tài khoản người dùng bình thường.
Pam trong ít là gì?NetIQ Privileged Account Manager (PAM) giúp nhân viên IT kiểm soát và giám sát quyền truy cập quản trị vào các máy chủ, thiết bị mạng và cơ sở dữ liệu (database).
Pam BeyondTrust là gì?BeyondTrust (BT) PAM là giải pháp giúp tự động khám phá / discovery và tự động quản lý các tài khoản đặc quyền tồn tại trong hệ thống, phân quyền, quản lý truy cập của người dùng đặc quyền đến thiết bị/máy chủ quan trọng trong hệ thống.
|