Addressing emerging PAM use cases to protect access to SaaS applications, cloud infrastructure, and databases
With most of the global, white-collar workforce suddenly shifting to working remotely, cloud technology has emerged as a critical component to keep businesses up and running. These services are enabling people to collaborate with one another, and provide the tools they need to stay productive, enhance accessibility and create a mobile friendly environment while working remotely.
While there has long been a mass migration to cloud overall, the demands of this current crisis have created a spike in usage. Microsoft has reported as high as a 775% increase in Teams’ calling and meeting monthly users in a one-month period in the heavily affected region of Italy, as well as more than 44 million daily users on Teams. Those users generated over 900 million meeting and calling minutes daily in a single week.
Now, organizations are asking how to maintain the security posture of cloud assets while enabling remote workers to access them
Enabling remote work and cloud access have become critical capabilities for many companies right now. Our customers are asking us how to best maintain the security posture of their cloud assets while enabling more remote workers to access them.
Thycotic recently announced the acquisition of PAM solution provider Onion ID. Given the current situation, we have accelerated the launch of three new products from this portfolio to support our customers through this time: Thycotic Cloud Access Controller, Thycotic Remote Access Controller, and Thycotic Database Access Controller. These solutions can help organizations address the emerging PAM use cases protecting access to SaaS applications, cloud infrastructure, as well as ensuring remote workers stay productive and secure.
Enforcing Zero Trust for Remote Workers and Third-Party Access
In the current climate, the work-from-home mandate has led companies from SMB through large enterprises to adopt a Zero Trust security approach for remote employees, third party vendors and contractors who need access to corporate resources. What that means is that all remote access is treated with a “never trust, always verify” approach, following the principles of Least Privilege. Security teams need to control who is able to access what, when, and for how long in order to keep corporate resources secure, ensure productivity, and comply with regulatory mandates.
Newly remote employees need access to accounts, web applications, and servers on the corporate network. Third parties need similar access but often have additional restrictions that don’t apply to employees, including lower access levels and specific beginning and end dates or times.
Thycotic Remote Access Controller simplifies and automates the management of remote workers accessing the IT resources they need to be productive and secure. It gives teams the next level of granularity to enforce policies, including the use of multi factor authentication and session recording, without requiring any software or browser extensions to be installed. It also cuts down the amount of manual effort with its API suite that can be integrated into automated workflows and ticketing systems to streamline access grants for contractors and to evoke access automatically, all within a centralized web portal.
Granular control over web applications and web-based cloud management platforms.
We already know that modern Enterprises have been embracing cloud resources more than ever – even before the pandemic hit, it was estimated 90% of companies will have some portion of their apps or infrastructure in the cloud by the end of 2020, according to IDG, and 80% of IT budgets are already committed to cloud solutions, according to Gartner. With the recent increase of remote workers, this progression is being accelerated. This can complicate existing PAM challenges, because the growth of cloud services drives a proliferation of privileged accounts and credentials to a state that, for many organizations, is unmanageable without automated process and specialized tools, Gartner warns.
With such high stakes on cloud IT, cloud apps security has become a critical focus. Enterprises must be able to precisely control what users can see and do in Infrastructure as a Service (IaaS) platforms such as Amazon Web Services (AWS) and Software as a Service (SaaS) applications like Salesforce. The traditional boundaries of PAM are even pushed into areas such as social media security. Business users should only have access to resources their role requires, and all privileged access by IT admins should be approved, monitored, recorded, and regularly audited for compliance to regulatory mandates and corporate policies.
Thycotic Cloud Access Controller ensures that every IaaS and SaaS user has the appropriate cloud access privileges required only to complete their role. Role Based Access Controls can be precisely defined to control what each user can read, modify or even click within any web application for tighter cloud app security. Admins also have a dashboard of activity that clearly displays activity such as which applications have been accessed, access removal, audit report production and more, so that they are able to maintain the highest level of security and stay in compliance—without inhibiting end users.
Enabling Enterprises to adopt modern cloud database
Thycotic Database Access Controller enables enterprises to adopt modern cloud databases from AWS (RDS), Google, Azure, Oracle, Redis, and others, while still enforcing appropriate access levels, multi factor authentication, and complete reporting and auditing workflows.
Everyone knows that databases are an essential resource for organizations and contain valuable or sensitive information that needs to be protected. Controlling access to databases, therefore, is a critical priority for security teams. Privileged access, in particular, should require additional layers of security, such as MFA and session monitoring to provide protection for sensitive information.
With Thycotic’s newly released Database Access Controller, customers can record entire database access sessions, provide time-based access, report and log actions, generate alerts and cut off connections in an automated manner. Database access management is no longer manually intensive or complicated. Thycotic has simplified workflows and centralized reporting and auditing for any database management tool to cut down operational effort.
It is no longer enough to control only privileged access, all access must be controlled and managed in a zero-trust world. Thycotic Cloud Access Controller, Thycotic Remote Access Controller, and Thycotic Database Access Controller allow organizations to expand their control to a more granular level. These solutions extend IT teams’ ability to address emerging PAM challenges by protecting access to SaaS applications, cloud infrastructure, and ensuring remote workers stay productive and secure.
Q&A Webinar: Here’s how to tackle the top security challenges around your remote workforce
*** This is a Security Bloggers Network syndicated blog from Thycotic authored by Barbara Hoffman. Read the original post at: https://thycotic.com/company/blog/2020/06/02/pam-use-cases-protect-access-to-saas-apps-cloud-infrastructure-databases/