Phone Number +1-202-802-9399 (US)

ThycoticCentrify is now Delinea!

The Lockdown

Thycotic’s Cyber Security Blog

New Model for Privileged Account Management Adoption Helps Organizations Assess and Advance their PAM Maturity

Written by Jordan True

December 6th, 2018

Online Tool Evaluates PAM Programs and Provides Customized Recommendations to Lower Cyber Risk, Increase Agility and Improve Efficiency

WASHINGTON, D.C., December 6, 2018 — Thycotic, provider of privileged account management (PAM) solutions for more than 10,000 organizations worldwide, today announced its PAM Maturity Assessment, the first tool designed as a strategic framework to help organizations understand their current level of PAM maturity. As a free online tool, the PAM Maturity Assessment increases an organization’s visibility into how it manages privilege security and enables security and IT teams to prioritize actions and align budget and resources.

Information security and IT professionals can take the free survey in under five minutes. Participants get an immediate grade upon completing the survey, along with a follow up email that includes a report with detailed results and customized recommendations to systematically lower privileged account risk, increase business agility and improve operational efficiency.

“Many companies aren’t sure where to start with PAM or which security activities have the most impact,” said Joseph Carson, chief security scientist at Thycotic. “This model is based on security industry best practices and our work with 10,000 customers of all types. It’s designed to help companies progress on their PAM journey based on defined benchmarks as well as their own risk drivers, budget, and priorities.”

Step-by-Step Roadmap

The model defines four phases of maturity ­­­­organizations typically progress through as they evolve from laggards to leaders in their adoption of privileged account management.

  • Phase 1. Analog: Organizations in the Analog phase of PAM maturity have a high degree of risk. They secure their privileged accounts in a limited way, if at all. As a result, they often provide excess privileges to people who don’t need them, share privileges among multiple administrators, and neglect to remove privileges when users leave the organization or change roles.
  • Phase 2. Basic: When organizations progress from the Analog stage to the Basic stage of PAM maturity, they adopt PAM security software and begin to automate time-consuming, manual processes.
  • Phase 3: Advanced: As organizations move from a reactive to a proactive privilege security strategy they enter the Advanced phase of PAM maturity and PAM becomes a top priority within their cyber security strategy. Organizations at this level are committed to continuous improvement of their privileged security practices.
  • Phase 4: Adaptive Intelligent: As organizations ascend to the ultimate stage of PAM maturity they take the concept of continuous improvement to a higher level, often relying on artificial intelligence and machine learning to collect information and adapt system rules. They fully and automatically manage the entire lifecycle of a privileged account, from provisioning to rotation to deprovisioning and reporting.

In addition to the PAM model and online tool, Thycotic is planning on releasing a trend report of PAM maturity in the coming months, with the goal of creating greater understanding of privileged account security and providing metrics on PAM adoption back to the international security community.

For more information on the PAM Maturity Assessment, visit here.


Like this post?

Get our top blog posts delivered to your inbox once a month.