Wednesday, 21st August 2019
Logo

Assessing and advancing PAM maturity

Thycotic has introduced its PAM Maturity Assessment, the first tool designed as a strategic framework to help organizations understand their current level of PAM maturity. As a free online tool, the PAM Maturity Assessment increases an organization’s visibility into how it manages privilege security and enables security and IT teams to prioritize actions and align budget and resources.

Information security and IT professionals can take the free survey in under five minutes by visiting https://thycotic.com/resources/thycotic-pam-maturity-model/. Participants get an immediate grade upon completing the survey, along with a follow up email that includes a report with detailed results and customized recommendations to systematically lower privileged account risk, increase business agility and improve operational efficiency.

“Many companies aren’t sure where to start with PAM or which security activities have the most impact,” said Joseph Carson, chief security scientist at Thycotic. “This model is based on security industry best practices and our work with 10,000 customers of all types. It’s designed to help companies progress on their PAM journey based on defined benchmarks as well as their own risk drivers, budget, and priorities.”

Step-by-Step Roadmap

The model defines four phases of maturity ­­­­organizations typically progress through as they evolve from laggards to leaders in their adoption of privileged account management.

  • Phase 1. Analog:Organizations in the Analog phase of PAM maturity have a high degree of risk. They secure their privileged accounts in a limited way, if at all. As a result, they often provide excess privileges to people who don’t need them, share privileges among multiple administrators, and neglect to remove privileges when users leave the organization or change roles.
  • Phase 2. Basic: When organizations progress from the Analog stage to the Basic stage of PAM maturity, they adopt PAM security software and begin to automate time-consuming, manual processes.
  • Phase 3: Advanced: As organizations move from a reactive to a proactive privilege security strategy they enter the Advanced phase of PAM maturity and PAM becomes a top priority within their cyber security strategy. Organizations at this level are committed to continuous improvement of their privileged security practices.
  • Phase 4: Adaptive Intelligent:As organizations ascend to the ultimate stage of PAM maturity they take the concept of continuous improvement to a higher level, often relying on artificial intelligence and machine learning to collect information and adapt system rules. They fully and automatically manage the entire lifecycle of a privileged account, from provisioning to rotation to deprovisioning and reporting.

In addition to the PAM model and online tool, Thycotic is planning on releasing a trend report of PAM maturity in the coming months, with the goal of creating greater understanding of privileged account security and providing metrics on PAM adoption back to the international security community.

Thycotic has expanded its PAM solution to address the risks associated with service account sprawl.
Two thirds are now checking SMEs’ security training credentials, over one third make them part of th...
Collaborations with ISARA Corporation and ID Quantique will make quantum-safe crypto more widely ava...
Wipro has released its 2019 State of Cybersecurity Report that highlights the rising importance of c...
Ping Identity has released PingCloud Private Tenant, a private cloud identity solution for the enter...
Respondents identify people as biggest source of cyber threats, with Facebook and BA as most notable...
Research reveals that companies investing in the latest cyber security products and services are ris...
RiskIQ has released its annual “Evil Internet Minute” report today. The company tapped proprietary g...