In today’s fast-paced digital business environment, data breaches happen daily and can be devastating to an organization’s reputation and revenues. Some of the biggest in recent years include a data breach at Marriott International (which impacted 500 million customers), Equifax (which exposed the personal information of nearly 148 million customers), and Uber (which left 57 million customers and 600,000 Uber drivers vulnerable to identity theft).
RewardExpert recently spoke with Donald Hasson, BeyondTrust’s senior director of product management, about how the company’s privileged access management (PAM) portfolio can help other businesses reduce their risks of a data breach with simple to integrate solutions that enhance user productivity and maximize IT security.
Worldwide Leader in Privileged Access Management
Originally founded as an individual company back in 1985, the BeyondTrust of today has evolved through the union of several world-renowned players in the privileged access management market including Bomgar, Avecto and Lieberman.
“Bomgar was in the remote support and privileged access space,” Hasson explained, “and they acquired Lieberman, a leading software company in privileged identity and password management, and Avecto, a leader in endpoint least privilege, and finally BeyondTrust. This created a PAM portfolio with incredible breadth, bringing together password management, endpoint least privilege, and a fantastic platform that we call BeyondInsight, which integrates all of these solutions under one umbrella.”
Hasson said that the new BeyondTrust’s 20,000 customers worldwide include businesses in banking and finance, healthcare, government, utilities and other highly regulated industries along with organizations that want to improve their network and data security above and beyond any compliance requirements.
“In terms of size, our customers tend towards the upper end of the spectrum,” he added. “Large organizations like Fortune 50 global companies depend on BeyondTrust every day. But we’ve worked really hard to make sure that our solution is easy to use and easy to manage. That’s good for small organizations as well as large ones.”
Modern Risk Reality
According to the company’s website, it takes an organization 197 days on average to realize that data has been breached. Many of these breaches arise because employees, vendors and others have unnecessary access or extensive access to systems and data—a modern risk reality of which organizations are often unaware.
“Reports of data breaches have really raised the visibility of security in general,” Hasson said. “But we’re still seeing a lot of companies putting an emphasis on traditional security means like firewalls and SPAM filters. The reality is that privileges are a larger source of risk, and the focus on that hasn’t increased as much as we’d like to have seen over the past several years. The vast majority of data breaches either start or end with something related to privilege.”
In addition to excessive end user privileges, other privilege issues that can lead to data breaches include passwords and credentials that are shared and unmanaged and IT assets (like desktops, laptops and servers) that are allowed to communicate unchecked.
“Password hygiene is an obvious example and one that even consumers can recognize,” Hasson continued. “Most consumers have hundreds of passwords and no way to manage them. That’s a significant challenge for organizations as well. And every day, we continue to run across companies that still allow administrative rights for end users. This means that a less security-conscious person at their company could inadvertently run a piece of malware in an administrative context, which would then make its way throughout the rest of the organization.”
Solutions to Mitigate User Risk
Fortunately, Hasson said that BeyondTrust’s comprehensive suite of integrated solutions reduces privilege risks while improving usability and reducing costs.
“At BeyondTrust, there are three pillars within privileged access management,” he continued. “The first is managing privileged passwords and credentials. The second is related to endpoint least privilege –or the removal of admin rights on endpoints so that malware can’t do anything beyond just running at that endpoint. And the third is privileged remote access, because remote access is generally the number one attack vector.”
Hasson explained that BeyondTrust also believes that helping customers secure their environments in an automated fashion is essential. To this end, they offer an industry-leading vulnerability management tool that customers can use to detect vulnerabilities on endpoints and applications.
“We’ve integrated the tool with our other solutions so that we can make decisions, for example, to allow or not allow remote access connection to a machine,” Hasson added. “We will not allow remote access if we detect a vulnerability on that machine, such as elevated administrative rights. While not part of the core of PAM, vulnerability management really rounds out an organization’s security posture.”
Businesses interested in BeyondTrust’s suite of solutions can contact the company’s sales team for pricing. “For the most part, our PAM portfolio is based on endpoints,” Hasson said. “We try to make our pricing structure very simple and predictable, so enterprises can understand what they need to budget for. We have a fairly straightforward licensing model to determine what your costs are going to be.”
Security Investment Without Reduced Productivity
An affordable privileged access management solution is easy on businesses’ bottom lines, but Hasson said that use of BeyondTrust’s PAM portfolio offers organizations other financial benefits as well.
“Security solutions act as a bit of an insurance policy,” he continued. “They protect you against damages or loss. That’s obviously true from what we’ve seen in the news. There’s a whole host of revenue and financial impacts of a data breach. With the probability of breaches increasing, it’s getting easier to make the case for security investment, even at the board level.”
Because BeyondTrust’s solutions are so easy to use, they don’t reduce productivity either.
“We spend a lot of time balancing security and productivity in our solutions,” Hasson said. “You don’t want to implement a security solution that slows the business down. That hurts revenue and the bottom line. It also encourages people to find a workaround and you end up with a less secure environment. We’re pushing the envelop so that our solutions help you avoid loss while actually establishing frameworks that encourage productivity.”