Keeper Security have highlighted S&P Market Intelligence data showing that just 43% of SMBs have deployed privileged access management (PAM), compared to other leading security technologies like network, email and endpoint security and SIEM tools, which are all above 75% deployment.
PAM products have typically been extremely complex, expensive to deploy and maintain and extremely difficult to use, while also requiring substantial dedicated staff to operate – putting them out of reach for most smaller businesses.
Most successful breaches involve stolen or compromised credentials that are used to escalate privileges and move laterally across a network, something which PAM offerings are ideally suited to protect against.
“With the expansion of the attack surface due to remote and hybrid working, privileged access management is becoming increasingly critical,” said Darren Guccione, CEO and co-founder at Keeper Security. “At the same time, the definition of a ‘privileged user’ needs to widen to address a broader range of employees – especially in small businesses, where access rights may be more pervasive.
“However, SMB adoption of PAM is lagging due to traditionally high barriers of entry, which is making them low hanging fruit for attackers. In order to bolster security, organisations should seek flexible, easy to use, cloud-based PAM solutions that are cost effective and offer a full stack of IAM capabilities,” he continued.
As cloud-native PAM adapts to a ‘shift left’ world, the report highlights that it must also address a wider range of resources including Infrastructure as a Service, (IaaS), Platform as a Service (PaaS), containers, Kubernetes and serverless functions, infrastructure as code, etc.
Consequently, PAM must support a wider range of users, all of which have access to digital intellectual property and other confidential and sensitive company data.
Keeper Security’s KeeperPAM solution is specifically designed for perimeterless and multi-cloud environments without prohibitive costs or deployments associated with traditional PAM solutions.
It addresses the need to achieve visibility, security, reporting and control across an entire organisation, for every user, on every device, from every location.