BR +55 11 3069 3925 | USA +1 469 620 7643

How to Protect Remote Access with PAM

by | Mar 24, 2021 | BLOG

The Covid-19 pandemic has caused massive adoption of remote working models in organizations of all sizes. Besides, security leaders have also accelerated the migration of their infrastructure to cloud environments. According to a study conducted in partnership by Forrester and CloudFare, 52% of the organizations surveyed indicated that the pandemic has caused a shift to cloud-based working models.

In these models, both employees and third parties need to have access to critical systems through privileged credentials, so that they can perform their daily tasks. And with the increase in the number of third parties, there was also an increase in the number of data leaks attributed to them. According to a study by Trustwave, 63% of these security incidents were caused by third parties, which makes this type of access an important attack vector in organizations. The associated costs are also higher. According to the Cost of a Data Breach 2020 report, the average cost of a data leak reaches USD 3.86 million. And leaks caused by third parties were one of the factors associated with even greater losses.

Considering this infrastructure that is distributed outside the security perimeter, many people responsible for Information Security have made their cybersecurity policies less restrictive, allowing access through insecure devices and networks (including BYOD or Bring Your Own Device), even VPNs without the proper security controls in place. And we already know that it is impossible to track what is not managed.

All of these aspects introduced new business risks and concerns for cybersecurity teams. In a study published by PDM Insights, 73% of IT decision-makers who responded to the survey recognize these new challenges. The related risks include opening phishing emails (for 38% of respondents) and inappropriate administrative access (37%), which required CISOs to seek the implementation of Zero Trust-based approaches.

In Zero Trust models, there is no concept of trust within the perimeters of the organizations’ infrastructure, and all actions taken by users must be continuously verified. Forrester reports that the percentage of IT leaders who have accelerated their investments in Zero Trust-based technologies reaches 76%. In addition, the same percentage also identified Identity and Access Management (IAM) as the biggest challenge for their Security teams. An example of Zero Trust-based IAM technology is just-in-time access.

In just-in-time accesses, access to applications or systems is allowed only at predetermined periods and on-demand. Therefore, through just-in-time it is possible to grant the required privileges for the performance of certain administrative tasks through the provisioning and de-provisioning of access in time of use, thus reducing the attack surface and the associated cybersecurity risks. As organizations adapt to a new working model, which includes the consolidation of remote work and the increase of third parties in the infrastructure, the use of PAM tools is imperative for security leaders to ensure compliance with policies and security regulations, such as PCI-DSS, HIPAA, and SOx. Also, it is possible to meet the requirements of data protection laws, such as LGPD and GDPR, mitigating security risks and preventing data leaks that can cost millions in fines, in addition to the loss of revenue, customers, and corporate reputation.

To solve the problems involved in the remote work of employees and third parties, senhasegura has launched Domum, which offers users secure access based on Zero Trust to devices of the corporate infrastructure wherever they are, without the need for VPN, installation of agents, and additional licensing or configurations. Access is granted instantly, easily, and securely, without exposing device passwords and without the user needing access credentials to the PAM security platform.

It works as follows: whenever it is necessary for an employee or third party to perform remote access to any device managed by the PAM platform in the infrastructure, senhasegura Domum will perform the provisioning of access using a just-in-time approach, sending an approved access link to the user, allowing immediate access only to authorized devices.

senhasegura Domum allows configuring access workflows at multiple levels to allow access, in addition to the high granularity offered by the PAM security platform, already recognized by the market. In this way, it is possible to have maximum adherence to the organization’s access policies, allowing the reduction of implementation and customization costs. After the predetermined time of authorization, access is revoked and the link is no longer valid, preventing the employee or third party from proceeding with malicious privileged actions on devices in the infrastructure, which allows for a smaller attack surface and security risks associated with the exploitation of privileged credentials. Besides, by automating the process of granting and revoking privileged access on devices used by third parties, senhasegura ensures the reduction of operational expenses with access management.

Domum also offers all the features offered by the senhasegura PAM platform, such as real-time monitoring of the actions performed. Through LiveStream, an auditor can check the actions taken by a user, allowing the blocking or closing of the remote session in case of non-compliance or if a malicious action is detected. Other features of senhasegura also offered by Domum include session recording, analysis of threats user behavior. Thus, one can reduce the time to detect and respond to malicious actions before the malicious attacker is able to take them. As a result, there is maximum visibility of privileged actions performed in the environment and compliance with regulatory standards.

Ensuring the protection of remote access for a lot of users working remotely is more than an optional security requirement, it is a business must. Therefore, by using the senhasegura PAM platform and senhasegura Domum to manage privileged access, you can reduce the attack surface and the associated security risks, avoiding data leaks and ensuring business continuity.

Learn more about Domum: https://senhasegura.com/en/products/domum/

An Overview of Saudi Arabia’s Personal Data Protection Act (PDPL)

Saudi Arabia’s Personal Data Protection Law (PDPL) was implemented by Royal Decree M/19 of 9/2/1443H (September 16, 2021), which approved Resolution No. 98 of 7/2/1443 H (September 14, 2021). It was published in the Republic Journal on September 24, 2021. The Saudi...

The 5 Biggest Data Leaks of 2021

During the pandemic, cyberattacks grew more than ever. Theft, hijacks, and data leaks are increasingly popular practices in cybercrime. The lock and hijack for ransom (ransomware) category has stood out a lot, as data is a highly valuable resource and most companies...

HIPAA: Five Tips for Complying with The Certificate

What is HIPAA? Currently, this is one of the most frequently asked questions by many professionals working in the healthcare industry, especially in times of the Covid-19 pandemic. But why is it so important and what are its benefits for healthcare companies? First,...

How Does The LGPD Impact Companies?

Due to the growing technological development in the market, we can clearly see how much how consumers tend to buy products and services has changed. Through more practical technologies, such as cellphones, laptops, and tablets, for example, they are just a click away...

What Is the Difference Between IAM and PAM?

It is important to know the differences between IAM (Identity & Access Management) and PAM (Privileged Access Management). However, this theme still raises doubts for some people. First, it is necessary to understand that the need to obtain an identity is...
Copy link
Powered by Social Snap