Why PAM is Key for Partner Organisations
Joseph Carson, chief security scientist and advisory CISO, Delinea, explains how and why partner firms must capitalise on the opportunities in privileged access management (PAM) solutions space.
It hasn’t been an easy decade for channel organisations in the Middle East, with rapid and continuous changes both in the market and in the solutions they distribute.
Pioneers in the industry have taken the challenge and run with it, becoming trusted digital transformation advisers. But those who have failed to act and adapt have lost market share and now lag behind.
It’s vital that channel organisations continue to evolve, adapting their value propositions and portfolios to respond to new market needs. For example, in the post-Covid world of 2022, enabling remote working and safeguarding against cyber-crime are two of the big challenges that organisations face. While hybrid environments have shown clear benefits, they increase data-breach risks as employees are likely to connect using their home equipment and companies rely on legacy security strategies that are no longer effective when workers are not in the office.
In this scenario, privileged access management (PAM) – the security controls around privileged user accounts – can help in multiple ways. PAM is at the core of remote cybersecurity and provides the tools and controls companies need to address many of the security issues associated with digital transformation journeys.
Channel organisations that provide robust PAM solutions and high-quality IT support and are able to secure, manage and monitor access to their clients’ most valuable accounts will be in the best position to create new, long-term business relationships.
Companies can’t afford to ignore PAM
Almost every business has privileged accounts that control access to systems, applications, cloud workloads, and data. Without them, IT teams can’t properly manage the organisation’s software and systems, and employees are unable to access the data they need to make important business decisions. However, these accounts are among the biggest targets for cyber-attacks, with experts believing that a frightening 80% of security breaches concern privileged accounts. It’s no surprise, then, that many organisations are looking to implement PAM solutions.
However, most companies find it too costly and time-consuming to properly manage PAM internally. Many don’t have the skills or knowledge required to face sophisticated and constantly evolving cyber-attacks or keep up with laws and regulations, or they simply take the easiest approach they can while accepting there may be increasing cyber-risk.
Therefore, channel organisations have an essential role to play in protecting and managing privileged accounts. First and foremost, implementing PAM requires striking the right balance between deploying robust protection and allowing teams to access the data they need without making daily tasks too restrictive. PAM features such as password masking and changing, credential management, and unusual activity monitoring can then facilitate protection.
Controlling user accounts and access
The rapid rise of remote and cloud-based working during the pandemic has created even more challenges for businesses trying to stay secure and keep track of users, identities and access. Sometimes previous employees still have access to crucial and sensitive information, increasing companies’ risks and vulnerability to attack.
Channel partners who offer PAM services will find themselves increasingly in demand to support clients in managing and controlling user account access. To this end, they can also leverage various opportunities that PAM offers to improve security and provide value to customers. They can use software-as-a-Service (SaaS) technologies and highly encrypted cloud vaults to store and retrieve credentials without admins even seeing them. With privileged identity management tools, they can ensure the correct permissions are given to the right people with the right roles. Also, they can provide customers with accurate information about who accesses what and when.
Not just a one-and-done
Protecting privileged accounts, identities and access is a constantly evolving challenge. Cybercriminals are ever more sophisticated, attacks are increasingly advanced, and the damage that can be done is ever greater. Credential theft is exponentially on the rise as criminals look for openings anywhere they can – in fact, they’ve doubled since five years ago. Remote working is the perfect backdrop for cybercrime to flourish, and companies simply cannot afford to leave matters to chance.
PAM is likely to sit at the heart of clients’ concerns, and channel organisations must continue to evolve and bolster their cybersecurity offerings to successfully manage customer requirements and expectations. They also need to act as trusted advisers to clients, provide accurate information on the latest challenges and suggest the most appropriate solutions. Doing this will enable them to strengthen relationships, add long-term revenue streams and stay ahead of the competition.