Privileged Access Management Trends and Challenges in 2021: Keeping Organizations Secure

Michael Fritzlo, Executive Chairman, Ironsphere

Two mega-trends are impacting investment in the Privileged Access Management domain, given what enterprises have gone through in 2020. First, remote working has proven to be productive when enterprises put the right workflow and applications in place, so we do not expect businesses will ever return to the same mix of in-person and remote workers. With a “location independent” approach, CIOs are rethinking their overall cybersecurity posture, given that not only are employees working remotely more than ever, but so are contractors, partners, and customers. The ability to adapt and evolve has been a stunning testament to how agile enterprise IT teams have been, as the digital transformation to cloud has been accelerated and is largely working out well. The downside has been new attacks by adversaries of all kinds, who understand the vulnerabilities in a cloud-based, remote working world, so companies and their vendors must remain hyper-vigilant in ensuring only those who must access networks, applications and data can do so, and must automate support for their “power users” to keep business operating with as little risk as possible.

A second related trend is the need to ensure private and sensitive information is protected, especially that which is shared by customers.

Take contact centers for example – hundreds of thousands of agents were moved to remote working within days or weeks, to comply with global mandates to stay in place and work from home. These agents handle millions of transactions with consumers, across financial services, insurance, healthcare and telemedicine, government aid, including unemployment insurance and other assistance programs, which is driving massive growth in the sharing of personal and private information. Organizations started to switch the cybersecurity technologies they are using from the ones “securing perimeter” to “securing access to applications and systems”, and in 2021 are moving quickly to adapt cybersecurity technologies that provide location independent secure access to applications and systems. This is a top priority, and within that priority, ensuring super-user and admin accounts, the sweet spots for attackers, are more protected than ever, including automation techniques which make this protection achievable.

It was appropriate for executives to be both focused on the pandemic in 2020, while also remaining agile, given the amount of uncertainty in society and economically. What we are seeing in working with our large enterprise clients, including banks, communications service providers, software and tech companies, healthcare and government agencies, is greater attention to sustainable cybersecurity solutions, so that responding to the next crisis will be easier. We’ve also had tremendous adoption of our particular solution, since it was built for the cloud, and so many applications and so much storage and compute moved to the cloud faster than expected given the work-from-home rules.

We’re seeing increasing momentum in overall digital transformation, but the same basic principles still apply: business agility, cost management, compliance and governance requirements, and general operational excellence. The interest level in automation, AI, machine learning, mobility and IoT as elements of productivity and workflow platforms has also skyrocketed, so as a business we have invested in accelerating our roadmap to support our client base. Finally, Customer Experience has become more important than ever, as part of a robust competitive posture – so while more security solutions are being implemented, ensuring intuitive and friendly engagements is key, with all the security running efficiently in the background. This applies to internal as well as external interactions, and will be a key trend in 2021 and beyond.