Advice From The Community

Read answers to top Privileged Access Management questions. 430,988 professionals have gotten help from our community of experts.
Menachem D Pritzker
On July 15, 2020, several verified Twitter accounts with millions of followers were compromised in a cyberattack. Many of the hacked accounts we protected using two-factor authentication, which the hackers were somehow able to bypass. Hacked accounts included Barack Obama, Joe Biden, Bill Gates, Jeff Bezos, Mike Bloomberg, Warren Buffett, Kim Kardashian, and Kanye West, Benjamin Netanyahu, and several high profile tech companies, including Apple and Uber. The hackers posted variation of a message asking follower to transfer thousands of dollars in Bitcoin, with the promise that double the donated amount would be returned. How could Twitter have been better prepared for this? How do you rate their response?
author avatarKen Shaurette
Real User

I like the potential for catching an unusual activity like that with our recently implemented endpoint detection tool, Cynet360.  It seems so far to have about the highest level of transparency into the endpoint with a 24x7x365 backing of monitoring.  

author avatarMenachem D Pritzker

@Ken Shaurette thanks! I missed it live, will catch the recording when I get a chance. What security platforms do you think would have done the best job at preventing the hack?

author avatarJoke
Real User

The use of two factor authentication by Twitter

author avatarParesh Makwana

This is one of the Identity theft issue, which means some one hack your password or account and do activity which he she is not suppose to do. basic reason of hack of your identity or password is Social engineering. second reason is system has week privilege access management. If you have less control on admin id or privilege id then enter firm has to suffer along with the customer of that firm. For me the take away of this event is to protect privilege ID and you good PAM PIM tool with two factor and UBA included.  

author avatarRussell Webster
Real User

Span of control, Solid RBAC, Privileged Access Management (PAM) 

Paresh Makwana
I am a director of a small tech services company. How do you think AI and ML will help or work with Privileged Identity Management (PIM) and Privileged Access Management (PAM)?
author avatarIdan Shoham
Real User

First, terminology - there really is no such thing as privileged identity management. PAM systems broker access to existing accounts and other entitlements - they do not normally create or manage the lifecycles of identities (login accounts, etc.) which is what identity management means. That's just a misnomer introduced and later abandoned by some vendors.

As for the link between ML/AI and PAM - it is basically to identify unusual but authorized access and trigger either extra authorization or at least alerts.
It's normal that John connects to root on the Linux server M-F in the morning, but it's really strange at 3AM on Saturday, so invite John's manager to approve the odd-looking request.

author avatarAslamImroze

Typically any new latest PAM comes with a great number of options for automation. Integration with JSON scripts is also possible. It depends on what is the use case you want to achieve. If an ML can trigger AI to send some request to PAM then based upon the input received and configured automation rules in PAM the action will be taken. BeyondTrust PAM can do this.

See more Privileged Access Management questions »

What is Privileged Access Management?

Privileged Access Management (PAM) oversees requirements of critical, private accounts living in an enterprise’s IT infrastructure. It is alternatively called Privileged Identity Management (PIM), Privileged Account Management or Privileged Session Management – collectively known as PxM. A privileged user is a person who can access the administrative backend of a critical system, delete data or change settings. PAM is essential to strong security.

The Privileged Access Management process is normally used as a tool for information security, and IT Central Station users look for richness in the functionality provided for oversight. Enterprises must prevent unauthorized backend system access while always adhering to compliance. Privileged Access Management safeguards aggressive data breaches and is intended to protect confidential data from the efforts of bad actors. PAM is constantly being updated to protect the security of the enterprise IT Central Station users are responsible for controlling shared frameworks and monitor authorized user access along with interim levels of permissions for privileged access within an enterprise.

IT and DevOps teams look for a number of categories necessary for Privileged Access Management, sometimes referred to as a “PAM Solution.” Requirements include life cycle and provisioning management, authorization, authentication, password management, access controls and auditing. Operating system components such as routers, switches, and firewalls all come into question with Privileged Access Management.

Functionality must meet risk management and compliance parameters. The goal is to protect, control and monitor operating systems, applications and the database. This can be achieved in part through session recording and session isolation to prevent unauthorized access, always a concern whether IT is talking about on-premises or cloud solution.

IT professionals are looking for easy to use GUI, availability of OOTB integration functionalities with other systems and availability of OOTB connectors to manage password and sessions of devices. High availability / failover to DR environment with no data loss should be provided and scalable components are key. Time is always a factor, so having the agility and ability to establish and manage simultaneous operating sessions to target devices is ideal. Ultimately, speed, coverage and security are the best ways to keep out the bad guys.

Find out what your peers are saying about CyberArk, One Identity, Thycotic and others in Privileged Access Management. Updated: August 2020.
430,988 professionals have used our research since 2012.