The tenth and latest installment of Verizon's annual Data Breach Investigations Report (DBIR)1 came out in April 2017, providing a detailed analysis of security incidents and data breaches around the world in 2016. A first look at the report shows that things are definitely looking up for IT security as a whole. For instance, the number of security incidents went down from 64,199 in 2015 to 42,068 in 2016. But on the other hand, the report revealed a disturbing fact.
It turns out that the number of data breaches caused by privilege misuse actually increased from 172 in 2015 to 277 in 2016, with the public, healthcare, and finance industries as the primary targets of the attacks. Privilege misuse has always been one of the top ways attackers gain access to sensitive data pertaining to any organization. Security incidents that arise from privilege misuse are difficult to discover early on, because privileged access allows attackers to pass into an organization's network undetected. In order to tackle such attacks, enterprises should focus on devising a judicious approach towards privileged access provisioning, control, and management.
The most effective way for enterprises to combat privilege misuse is by implementing a proper privileged access management (PAM) solution. A PAM solution can help enterprises enforce a multi-pronged strategy involving privileged accounts consolidation, secure password management practices, granular access controls, and continuous monitoring of what users are doing with their authorized privileges. In other words, a PAM solution can manage the complete life cycle of privileged access.
A robust PAM solution will enable an organization to successfully:
From an auditing perspective, this product offers some solid functionality. All user interaction with the Password Manager Pro interface is logged so administrators can easily verify who is accessing what.