Phone Number +1-202-802-9399 (US)
The Lockdown

Thycotic’s Cyber Security Blog

The Real Cost of PAM Software

mm

Written by Chris Smith

October 1st, 2019

A low price tag for PAM software doesn’t necessarily mean it’s the best overall value. Enterprise-scale PAM, like most software purchases, typically involves more than the initial license fee. Depending on your security goals, internal resources, and specific IT environment, you may need to plan for additional costs.

It’s important to identify the total cost of PAM ownership as clearly as you can prior to acquisition. Consider what you’ll need to spend over the first few months to get up and running, and over the coming years as your PAM program matures and evolves.

Make sure you aren’t surprised by hidden fees. The last thing you want to do is go “hat in hand” to your finance team to ask for additional, unexpected funding after your PAM project has already started.

14 budget questions to ask before you buy your PAM software

  1. When comparing PAM vendors, am I comparing apples to apples for features? Not all PAM products cover the basic “must have” PAM feature set, use this Gartner checklist to ensure you’re measuring every solution with the same yardstick.
  2. As I grow my PAM program, can I turn new features on myself, avoiding painful and costly upgrades,  or do I need to go back to the software vendor and pay for professional services to deploy more software?
  3. If a cloud version of the solution is a better fit for my needs because of resource or expertise constraints, would I have the same PAM capabilities with a cloud version of the software as with an on-premise option, or is it limited in some way?
  4. If I choose an on-premise option, what type of infrastructure footprint will I need to build out to support the PAM architecture?
  5. Do I need a physical or virtual machine for every component of the PAM solution (vault, password rotation, web access, session monitoring and proxying, SSH key management, threat analytics, etc.), or can the solution scale up or down depending on my needs?
  6. If I need to manage more secrets or add more users, how well will my infrastructure scale before I need to make additional purchases?
  7. To achieve High Availability and redundancy, do I need to purchase additional software components from the vendor and maintain them on premise?
  8. Does the on-premise PAM architecture require me to purchase additional licenses for other types of software components and keep them up to date, like jump hosts?
  9. Can I manage the initial implementation and configuration work internally, or do I need to budget for professional services?
  10. If I do use professional services, how long is the work expected to take before the solution is fully available?
  11. How many full-time employees will I need to hire and train for ongoing privilege management?
  12. Can I manage software updates, including new functionality and security patches, with an internal team, or should I budget for ongoing professional services?
  13. To manage privileges for all devices and systems in my IT environment (including legacy or customer-built systems), will I need to pay for custom scripting?
  14. Are all the reporting capabilities I need included, or will I need to pay for professional services to create reports or purchase or integrate other software to manipulate and share reports?

Once you have all the information you can include all the factors in your pricing calculations.

You may end up with a long list of potential software costs that previously were hidden. But, it’s better to know than be caught off guard.

You’ll be able to go to your finance team with a complete picture of the spend—as well as the value—of your PAM investment.

For more detailed considerations of Thycotic’s approach to PAM costs, download The Total Cost of PAM Ownership.

 

Like this post?

Get our top blog posts delivered to your inbox once a month.

SHARE THIS


The following two tabs change content below.
mm

Chris Smith

Chris has over 20 years of software marketing experience, and as VP of Product Marketing helps define and drive marketing strategy, messaging & positioning, sales enablement, and marketing content creation. Most recently Chris was the CMO at Zenoss, a commercial open source software company based in Austin, TX. Chris has also held marketing leadership roles at Quest Software (acquired by Dell), Alert Logic, Bindview (acquired by Symantec), Postini (acquired by Google), PentaSafe (acquired by NetIQ), and BMC Software. Chris holds a BS in Electrical Engineering from Texas A&M and an MBA from Rice University.