Who owns the data in your organization? If you’re like many, there’s a chance it’s fragmented. Maybe legal owns governance while security owns data security. IT, legal, security and line-of-business owners might share tasks. Perhaps there is no real data governance or oversight at all. What we hear from people across all industries, though, is that whether they have a mature governance and data security program or a nascent collection of policies expected to evolve over time, there is one specific avenue that remains difficult to address: controlling access to sensitive data. Zero trust and other access controls can help.

Combining Zero Trust and Other Tools

There are plenty of articles extolling the virtues of combined data security and access management tools — and with good reason. These are core components of zero trust, and according to the 2021 Cost of a Data Breach report, a zero trust framework can reduce the overall financial impact of a data breach by 42.3%.

Beyond statistics, this is a practical combination. By always watching a user’s actions and data security posture and quickly adjusting access privileges as needed, you can preserve data privacy, meet data compliance needs and ensure a zero trust architecture.

But what about privileged access management (PAM)? Privileged accounts are expanding rapidly, becoming more complex and taking more in stride. Today, containers, servers and apps can all have privileged access. This widens the borders of a privileged account as well as the attack surface for bad actors looking for an entry point.

Often, businesses do not practice good hygiene around privileged credentials. They don’t set limits for them beyond typical access policies dictating where, when or how users can access these sensitive accounts. Beyond this, PAM oversight is less easily added into data security. The relevant teams often cannot determine the user behind privileged credentials when strange behavior occurs.

In fact, many companies still use ad-hoc methods like paper or spreadsheets to manage privileged credentials. With 74% of breaches stemming from privileged credentials, and one in four employees reporting they know someone who has sold privileged credentials, more granular control is paramount.

In this on-demand webinar, IBM and Enterprise Management Associates, Inc (EMA) discuss IBM Security Guardium Insights and the current state of data security.

The Importance of Just-in-Time PAM

The first step on the journey to the zero trust security promised land is just-in-time (JIT) PAM. We discussed earlier how businesses tend to practice poor security hygiene when it comes to privileged credentials. That’s where a JIT model comes in. In fact, in the 2020 Gartner Magic Quadrant for PAM, Gartner predicts that 50% of organizations will have put a JIT model in place by 2024, with those that do seeing 80% fewer privileged breaches than their peers.

Multiple JIT cases can be solved with PAM. Developers need JIT privileged access to build, test and launch products. Meanwhile, service accounts need JIT access for IT tasks. Given that 74% of CFOs intend to move at least 5% of their onsite employees to permanent remote bases, more remote workers need JIT access to stay productive.

In a nutshell, this model abides by the notion of least privilege access. It gives users the least access they need to accomplish privileged tasks. This means limiting the time spent in a privileged system. In addition, it greatly limits the locations from which those systems can be accessed, among other factors. Setting strict limits on where and for how long accounts can be accessed makes it less likely someone could abuse those privileged credentials. If odd behavior does occur, your team can discover the culprit more easily.

Who Is Watching the Watchers?

So, we’ve enhanced our PAM with a JIT model. But it still doesn’t fully address the access management gap. Even with policy guiding the use of privileged credentials, there is the risk of those credentials still being exploited. To combat this, deploy data security analytics.

Any data security solution, including those built to secure the modern hybrid multicloud, must come equipped with artificial intelligence (AI) that can centrally analyze what’s happening across all data sources within a given data environment. Why? The World Economic Forum predicts that by 2025, there will be 463 exabytes of data created daily. This contributes to a massive threat landscape where suspicious actions can occur. On top of that, we need machine learning to understand normal behavior across dozens of disparate databases. Without it, it will become more and more difficult to detect risky moves and trends.

This goes double for detecting and learning more about risky behaviors occurring behind PAM credentials. It is imperative to have a data security solution in place to spot problems. This solution can tell when a privileged account is behaving oddly or when someone extracts large volumes of sensitive data. It is equally crucial to integrate with a PAM solution to unmask the user behind the shared account. That leaves the feedback loop, in which the system looks at ongoing user behavior. From there, it can inform the need for changing access policies on privileged accounts.
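The following Python example is added here for illustration and is not from the original article or any IBM product. It joins database activity logged under a shared privileged account to JIT checkout records, which names the user behind each event and flags use outside the granted time window or source, as well as bulk reads. The record fields, the `db_admin` account, the addresses and the row threshold are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample data: JIT checkouts of a shared privileged account, as a
# PAM vault might record them (field names are assumptions for this example).
CHECKOUTS = [
    {"user": "alice", "account": "db_admin", "start": "2024-05-01T09:00:00",
     "minutes": 30, "allowed_sources": {"10.0.5.20"}},
    {"user": "bob", "account": "db_admin", "start": "2024-05-01T14:00:00",
     "minutes": 15, "allowed_sources": {"10.0.5.21"}},
]

# Constructed database activity events, all logged under the shared account.
EVENTS = [
    {"ts": "2024-05-01T09:10:00", "account": "db_admin", "src": "10.0.5.20", "rows": 40},
    {"ts": "2024-05-01T14:05:00", "account": "db_admin", "src": "10.0.9.77", "rows": 25},
    {"ts": "2024-05-01T14:10:00", "account": "db_admin", "src": "10.0.5.21", "rows": 90000},
    {"ts": "2024-05-01T23:30:00", "account": "db_admin", "src": "10.0.5.20", "rows": 10},
]

ROW_THRESHOLD = 10_000  # assumed bulk-read limit; tune per data source


def attribute(event, checkouts):
    """Return (user, findings) for one event on a shared privileged account."""
    ts = datetime.fromisoformat(event["ts"])
    for c in checkouts:
        start = datetime.fromisoformat(c["start"])
        end = start + timedelta(minutes=c["minutes"])
        if c["account"] == event["account"] and start <= ts < end:
            findings = []
            if event["src"] not in c["allowed_sources"]:
                findings.append("source outside JIT grant")
            if event["rows"] > ROW_THRESHOLD:
                findings.append("bulk read of sensitive data")
            return c["user"], findings
    # No live checkout: the credential was used outside any JIT window.
    return None, ["no active checkout"]


def review(events, checkouts):
    """Attribute every event and keep only the ones that need follow-up."""
    flagged = []
    for e in events:
        user, findings = attribute(e, checkouts)
        if findings:
            flagged.append((e["ts"], user, findings))
    return flagged
```

Calling `review(EVENTS, CHECKOUTS)` returns the three events that need follow-up. The one with no matching checkout is the case worth the most attention, since it means the credential was used with no accountable user.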

Starting at Zero Trust

Data security is a zero trust issue at heart. With a zero trust model, organizations are enabling least privilege access to their data and always checking access credentials for users, devices and applications. By assuming a breach is bound to happen, they are ready to spot and respond to attacks. If the endgame is to limit access to critical data to those with the right credentials and a real need, it requires a mix of analytics, ongoing checking of data sources and systems, and a constant look at the security posture of users and endpoints. By breaking down silos between data security and identity teams, essential roles such as visibility, security and governance are less fragmented, and you can limit the damage caused by a breach.

Learn why IBM Security Verify Privilege is a leader in Forrester Wave™️: Privileged Identity Management (PIM), Q4 2020. Don’t forget to join IBM and EMA in this on-demand webinar as they discuss IBM Security Guardium Insights and the current state of data security. 
