2019 SailPoint Identity Insider Magazine - Magazine - Page 30
KELVIN MBATU
Advisory Manager, Cybersecurity
& Privacy, PwC
Mitigating Insider Threats with
Privileged Access Governance
Additional Contributors: Avinash Rajeev, Vivek
Tejwani, Radhakrishnan Subramaniyan
Enterprises have become increasingly reliant on
digital information to meet business objectives,
effectively manage operations, and compete in a
digitally connected world.
The digital ecosystem demands that organizations
transform their identity and access management
(IAM) programs to protect and monitor critical data
and systems from cyber threats. IAM solutions
enable organizations to securely perform business
operations by granting users and applications
access to digital assets, which is reviewed
periodically for appropriateness and continued
access.
Certain users, such as IT systems administrators,
are entitled to have elevated or privileged access
rights to systems, applications and data across the
enterprise. This type of access can pose a serious
threat if compromised. In fact, adversaries often
target privileged accounts to gain a foothold on a
corporate network and infiltrate systems across
the enterprise. They typically do so using phishing
schemes to obtain user credentials from insiders
such as employees and third-party business
partners – including suppliers, consultants, and
contractors.
Many organizations have invested heavily in
IAM technologies and processes in an effort
to address risks, compliance, and operational
gaps associated with the management of digital
identities and access. But as adversaries develop
increasingly sophisticated attack techniques,
businesses have been forced to reassess the
capabilities of their IAM solutions with a greater
focus on privileged access management (PAM).
To protect data from internal and external threats,
organizations need to manage the entire lifecycle
of privileged accounts. Despite the rising compromise
of privileged accounts, many organizations
lack mature capabilities to effectively manage
privileged access. For instance, some
organizations have purchased solutions, but
haven’t developed corresponding processes and
governance to make them effective. Others may
have good processes in place, but lack enabling
technologies to address privileged access risks at
an enterprise scale.
An integrated IAM and PAM implementation can
help automate real-world business use cases to
manage privileged accounts, including:
• Discovering privileged accounts configured
in the PAM application so they can be effectively
managed through the IAM solution
• Auto-provisioning new privileged accounts
using role-based access provisioning or
provisioning policies configured in the IAM
solution
• Automating periodic access reviews for
privileged accounts
• Automating terminations of privileged
account access based on user separation
or termination events as processed in the
IAM solution
Implementation of these use cases can help
businesses gain enhanced visibility into privileged
accounts, enabling them to quickly respond
to incidents and help facilitate regulatory
compliance.
©2019 PwC. All rights reserved. PwC refers to the US
member firm or one of its subsidiaries or affiliates, and
may sometimes refer to the PwC network. Each member
firm is a separate legal entity. Please see
www.pwc.com/structure for further details.