Saturday, 23rd February 2019
Logo

Assessing and advancing PAM maturity

Thycotic has introduced its PAM Maturity Assessment, the first tool designed as a strategic framework to help organizations understand their current level of PAM maturity. As a free online tool, the PAM Maturity Assessment increases an organization’s visibility into how it manages privilege security and enables security and IT teams to prioritize actions and align budget and resources.

Information security and IT professionals can take the free survey in under five minutes by visiting https://thycotic.com/resources/thycotic-pam-maturity-model/. Participants get an immediate grade upon completing the survey, along with a follow up email that includes a report with detailed results and customized recommendations to systematically lower privileged account risk, increase business agility and improve operational efficiency.

“Many companies aren’t sure where to start with PAM or which security activities have the most impact,” said Joseph Carson, chief security scientist at Thycotic. “This model is based on security industry best practices and our work with 10,000 customers of all types. It’s designed to help companies progress on their PAM journey based on defined benchmarks as well as their own risk drivers, budget, and priorities.”

Step-by-Step Roadmap

The model defines four phases of maturity ­­­­organizations typically progress through as they evolve from laggards to leaders in their adoption of privileged account management.

  • Phase 1. Analog:Organizations in the Analog phase of PAM maturity have a high degree of risk. They secure their privileged accounts in a limited way, if at all. As a result, they often provide excess privileges to people who don’t need them, share privileges among multiple administrators, and neglect to remove privileges when users leave the organization or change roles.
  • Phase 2. Basic: When organizations progress from the Analog stage to the Basic stage of PAM maturity, they adopt PAM security software and begin to automate time-consuming, manual processes.
  • Phase 3: Advanced: As organizations move from a reactive to a proactive privilege security strategy they enter the Advanced phase of PAM maturity and PAM becomes a top priority within their cyber security strategy. Organizations at this level are committed to continuous improvement of their privileged security practices.
  • Phase 4: Adaptive Intelligent:As organizations ascend to the ultimate stage of PAM maturity they take the concept of continuous improvement to a higher level, often relying on artificial intelligence and machine learning to collect information and adapt system rules. They fully and automatically manage the entire lifecycle of a privileged account, from provisioning to rotation to deprovisioning and reporting.

In addition to the PAM model and online tool, Thycotic is planning on releasing a trend report of PAM maturity in the coming months, with the goal of creating greater understanding of privileged account security and providing metrics on PAM adoption back to the international security community.

Survey reveals that half of MSPs now manage their customers’ compliance obligations.
Cyber security revenues in 2018 were $160.2 billion and will jump an enormous $11.2 billion during 2...
Half of all UK businesses (49%) believe they have unknown third-party devices on their networks, an...
Third instalment of 2019 Security Report highlights the cloud and mobile attack vectors used to targ...
Despite concerns, organisations lack the budget (75 per cent) and training (80 per cent) to combat t...
44% of decision makers are spending a day each week dealing with cybersecurity issues.
By 2022, Gartner, Inc. predicts that 70 per cent of organisations using biometric authentication for...
Jumio Authentication enables users to verify themselves during high-risk transactions and unlock eve...