In the military, they have a well-known phrase that happens to succinctly describe the definition of the least privilege principle: ‘Need-To-Know Basis’. For the military, this means that sensitive information is only given to those who need that information to perform their duty. In cybersecurity, it’s much the same idea. The ‘least privilege’ principle involves the restriction of individual user access rights within a company to only those which are necessary in order for them to do their job. By the same token, each system process, device, and application should be granted the least authority necessary, to avoid compromising privileged information.
This month marks the 25th anniversary of the famous “On the Internet, no one knows you’re a dog” cartoon appearing in The New Yorker. Oh, how true that was, and still is, a quarter century later. Chances are, artist Peter Steiner had no idea how prescient his drawing was. We are indeed in the Internet dog days, of identity access management (IAM) and PAM at least.
An organization’s security posture benefits from the ability to manage and track access to privileged accounts. Privileged users—as well as those impersonating them—can present major security threats. A Privileged Access Management (PAM) solution offers an answer. It enables security teams to stay on top of privileged account access. To work, however, it must be a scalable PAM solution. The PAM solution must scale flexibly in a growing organization or suffer being disused, to the detriment of security overall. What does it take to build a scalable PAM solution? This article explores the answer to that question.
Supply chains are essential for the proper functioning of industrial systems and critical infrastructure. However, they’re also quite messy, in terms of security. Supply chains invariably connect users and systems from multiple entities, often in different countries. This setup exposes every company in the supply chain to cyber risk. Among countermeasures, Privileged Access Management (PAM) offers one of the best ways of minimizing supply chain vulnerabilities.
As cybersecurity concerns rise across all industries, as media and service companies, Telecommunications and Cloud Service Providers (CSPs) face particular challenges. With massive amounts of client data and critical infrastructure, they are tempting targets for hackers. Telecom and CSPs need security solutions that can adapt and evolve with them, and respond to challenges unique to their industries.