I work for a large computer software company and I am currently researching PAM solutions.
Which solution do you prefer: ARCON Privileged Access Management or Microsoft PAM? What are the pros and cons of each solution?
Thank you for your help.
Hello Siby, I suggest looking for PAM-leading solutions, both solutions you have mentioned are not recommended, Microsoft doesn't have a PAM solution and Arcon won't fulfill the local compliance requirements like NESA, etc.... check solutions that are leading in the PAM area.
I am a Director at a large financial services firm.
I am looking for a tool that will help me limit the privileges given to administrators and privileged users. Which tool do you recommend and why?
Thank you for your help.
Technical Account Manager (Information Security) at Trustaira
Dec 23, 2022
If you share the devices/asset category may get the best suitable answer from this community. Here I can help you with the system privilege maintenance. If your organization has a Windows and Linux base, then you can choose the Delinea Server Suite solution to manage all privileged users. Why is Delinea Server Suite best for your organization? I hope your Windows asset is managed by a domain controller that manages your users and also manages the group policy. To use Server Suite, you can join your Linux systems in your domain controller by creating the zoning policy. To use this solution you can also manage the MFA/2FA in your all system (Windows/Linux). When a privileged user uses any administrative command in that time, approval is required by an admin from Server Suite. The admin can also create the workflow to execute any command needed to give the security question before executing that. So you can minimize your effort when you connect your Linux environment and workgroups assets in Domain Controller and based on your policy, you create the group policy for users and assign it from a single pane of glass.
Hello, I think you would find a lot of value in taking a look at Remediant's solution called SecureONE. As you may know, lateral movement is the step that makes domain-wide attacks possible. We specialize in stopping lateral movement by discovering standing privileges and removing them. These days, a compromise of one machine is almost guaranteed, so it's important to see where else on the network do the compromised credentials have access. We give you visibility of where standard users' credentials as well as administrators' credentials have access to within your organization. Many customers do not realize the spread and severity of standing privileges, even when they may already have a vault and application control in place. If this sounds any bit interesting, please visit our website and schedule a demo. Thank you!
Top 5 Privileged Access Management (PAM) Tools
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to better connect with peers and other independent experts who provide advice without vendor bias.
Our users have ranked these solutions according to their valuable features, and discuss which features they like most and why.
You can read user reviews ...
Cyber Security has become one of the top priorities in today’s hyper-connected fast-growing technologies like cloud, mobile, and virtualization, making the lives of security professionals more challenging. Building multiple layers of security on the perimeter such as VPNs, access controls, firewalls, IDS, IPS, SIEMs and email gateways are no longer considered fully effective. It needs to be c...
As a cybersecurity professional, I would NEVER outsource a PAM solution anywhere outside of my company, no matter how beneficiary it could look at a first sight. In the end, it can cost you everything.
What is Privileged Account Management (PAM)?
Privileged account management can be defined as managing and auditing account and data access by privileged users.
A privileged user is someone who has administrative access to critical systems. For instance, anyone who can set up and delete user accounts and roles on your Oracle database is a privileged user.
I'd say that everything depends on your detailed requirements. I can tell that I know many customers who selected One Identity because it was ideal for their needs. Here is what they valued most:
1. Ease of deployment. After several months of piloting competitive solutions, One Identity pilot was started within 1 week (in basic scenarios that can be started within 2 days).
2. No need to deploy agents on servers. That is really important for critical infrastructure.
3. No need to change tools on the client's side. Admins really like it. They are not forced to use some inconvenient tools.
4. Scalability: I'd say that there is no company whose needs cannot be covered by this solution.
If you value the same things than have a look at One Identity.
These are the big players. While they can all do PAM, things you should consider in making a choice include have a success criteria, what you want to achieve, cost, ease of implementation and management, scalability, etc.
Go for the features you need and fits your requirement and not nice to have.
I would advise choosing among Gartner MQ Leaders. You are a Bank so the solution should be robust. According to the latest Gartner PAM MQ the leader are CyberArk, Centrify, Beyond Trust, Thycotic. If you need 5 options, take a look at One Identity.
FUDO was excluded by Gartner from the latest PAM MQ.
PAM solutions worth considering are CyberArc, Centrify, Beyond Trust, Thycotic & Fudo.
What answer will you give for such question: 'what is the best car?'
Is it 'Ferrari, Bugatti, Aston Martin' or "BMW, Mercedes, Audi' or 'Jeep, Toyota, Mitsubishi'?
Give us more info and we will be able to give better advice.
I'd say that if session management is important for you than One Identity should definitely in the list.
And please don't make your choice based on marketing. Test in your infrastructure and you will definitely see the difference.