Comments on: Privileged Account Management http://blogs.kuppingercole.com/kuppinger/2009/03/12/privileged-account-management/ KuppingerCole Wed, 08 Feb 2012 09:08:03 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: shanebond http://blogs.kuppingercole.com/kuppinger/2009/03/12/privileged-account-management/comment-page-1/#comment-232 shanebond Fri, 11 Jun 2010 11:07:59 +0000 http://blogs.kuppingercole.com/kuppinger/?p=150#comment-232 We are looking for a system where we check-out and check-in privileged accounts that we then track during thier activity. it has to be an Enterprise Application and Web-Based if at all possible. This is being used to show auditors we have controls in place for SOX application changes. But once the firewall vendors universally support authentication mechanisms that IAM solutions can leverage, will PAM continue to thrive? _____________________________________ shanebond <a href="http://heathsavingsaccounts.com" target="_blank">Savings Accounts</a> We are looking for a system where we check-out and check-in privileged accounts that we then track during thier activity. it has to be an Enterprise Application and Web-Based if at all possible. This is being used to show auditors we have controls in place for SOX application changes.
But once the firewall vendors universally support authentication mechanisms that IAM solutions can leverage, will PAM continue to thrive?
_____________________________________
shanebond
Savings Accounts

]]> By: Craig Joyner http://blogs.kuppingercole.com/kuppinger/2009/03/12/privileged-account-management/comment-page-1/#comment-180 Craig Joyner Mon, 21 Dec 2009 16:15:33 +0000 http://blogs.kuppingercole.com/kuppinger/?p=150#comment-180 Martin, Thank you so much for your blogs on Priviledged Account Management. I have been tasked with researching this more. Would you help me with some links and vendors? I've really struggled to find the right words to query on for this subject. We are looking for a system where we check-out and check-in privileged accounts that we then track during thier activity. it has to be an Enterprise Application and Web-Based if at all possible. This is being used to show auditors we have controls in place for SOX application changes. I will be checking out Novell's Fortefi and Cyber-Ark but would like to know who all the vendors are in this space? Have you heard of ID-Synch by M-Tech? I'll be looking at them as well. What words would you suggest a person query on to find out more information PAM? Thanks! Martin, Thank you so much for your blogs on Priviledged Account Management. I have been tasked with researching this more. Would you help me with some links and vendors? I've really struggled to find the right words to query on for this subject.

We are looking for a system where we check-out and check-in privileged accounts that we then track during thier activity. it has to be an Enterprise Application and Web-Based if at all possible. This is being used to show auditors we have controls in place for SOX application changes.

I will be checking out Novell's Fortefi and Cyber-Ark but would like to know who all the vendors are in this space?

Have you heard of ID-Synch by M-Tech? I'll be looking at them as well.

What words would you suggest a person query on to find out more information PAM?

Thanks!

]]> By: Missing: Privilidged Account Management for the Social Web. | Identity Woman http://blogs.kuppingercole.com/kuppinger/2009/03/12/privileged-account-management/comment-page-1/#comment-153 Missing: Privilidged Account Management for the Social Web. | Identity Woman Mon, 27 Jul 2009 22:22:08 +0000 http://blogs.kuppingercole.com/kuppinger/?p=150#comment-153 [...] to articles on PAM, [1] Burton Group Identity and Privacy Blog, KuppingerCole, Information Security [...] [...] to articles on PAM, [1] Burton Group Identity and Privacy Blog, KuppingerCole, Information Security [...]

]]> By: There are many facets of Privileged Account Management | Martin Kuppinger http://blogs.kuppingercole.com/kuppinger/2009/03/12/privileged-account-management/comment-page-1/#comment-96 There are many facets of Privileged Account Management | Martin Kuppinger Thu, 26 Mar 2009 09:00:07 +0000 http://blogs.kuppingercole.com/kuppinger/?p=150#comment-96 [...] I prefer PAM) market is one of the boom markets in IT. I’ve blogged about that recently (here and here). And I’ve talked with many vendors in that market segment about what they are [...] [...] I prefer PAM) market is one of the boom markets in IT. I’ve blogged about that recently (here and here). And I’ve talked with many vendors in that market segment about what they are [...]

]]> By: MartinKuppinger http://blogs.kuppingercole.com/kuppinger/2009/03/12/privileged-account-management/comment-page-1/#comment-92 MartinKuppinger Fri, 13 Mar 2009 08:33:22 +0000 http://blogs.kuppingercole.com/kuppinger/?p=150#comment-92 Hi Matt, I don't think that we can limit PAM to routers, firewalls and other devices with frequently very weak security concepts. For sure, an advanced support for federation as well as for authorization standards (which are still immature) will help. But PAM as well addresses the operating system level, databases and other types of systems. I personally expect that PAM will become more and more part of core IAM solutions (e.g. Provisioning) and will be integrated in these lifecycle management approaches. But specific features for PAM will be required as well in the future - and even when ancient concepts like "root" are replaced by better approaches perhaps sometimes in the future. The question isn't whether we will need PAM features or not - we will, even while some threats (firewall admins,...) might disappear. The question is whether there will be a separate PAM market segment or an integration into other solutions. I think that there will be both - standalone, sometimes specialized (UNIX/Linux only,...) solutions and integrated approaches. Martin Hi Matt,
I don't think that we can limit PAM to routers, firewalls and other devices with frequently very weak security concepts. For sure, an advanced support for federation as well as for authorization standards (which are still immature) will help. But PAM as well addresses the operating system level, databases and other types of systems. I personally expect that PAM will become more and more part of core IAM solutions (e.g. Provisioning) and will be integrated in these lifecycle management approaches. But specific features for PAM will be required as well in the future – and even when ancient concepts like "root" are replaced by better approaches perhaps sometimes in the future. The question isn't whether we will need PAM features or not – we will, even while some threats (firewall admins,…) might disappear. The question is whether there will be a separate PAM market segment or an integration into other solutions. I think that there will be both – standalone, sometimes specialized (UNIX/Linux only,…) solutions and integrated approaches.
Martin

]]> By: Matt Flynn http://blogs.kuppingercole.com/kuppinger/2009/03/12/privileged-account-management/comment-page-1/#comment-90 Matt Flynn Thu, 12 Mar 2009 20:16:23 +0000 http://blogs.kuppingercole.com/kuppinger/?p=150#comment-90 Any thoughts on whether vendor adoption of authentication standards will eventually eliminate the need for PAM as a separate category? In other words, current IAM solutions don't solve the PAM problem because they don't provision to routers or firewalls (as an example). But once the firewall vendors universally support authentication mechanisms that IAM solutions can leverage, will PAM continue to thrive? Any thoughts on whether vendor adoption of authentication standards will eventually eliminate the need for PAM as a separate category? In other words, current IAM solutions don't solve the PAM problem because they don't provision to routers or firewalls (as an example). But once the firewall vendors universally support authentication mechanisms that IAM solutions can leverage, will PAM continue to thrive?

]]>