KuppingerCole Executive Review of Endpoint Privilege Management & the BeyondTrust Solution | BeyondTrust

Risks of Digital Transformation

The coronavirus pandemic sparked a renewed push for digital transformation, so organizations could adapt, become more agile, and stay competitive. The downside is that all the advantages created by adoption of Cloud, IoT, AI, and big data, robotic process automation (RPA), and the many other popular digital transformation initiatives create new risk surfaces. Among the most common and dangerous of these risks are associated with abuse of shared credentials, unauthorized users with elevated privileges, and vulnerabilities on endpoints that have access to sensitive resources. To compound the problem, COVID-19 resulted in many tasks being executed from personal devices outside the company network. These are some of trends that have created an environment ripe for the explosion of malware, ransomware, and other kinds of cyber threats.

Simply blocking all applications or locking off sensitive assets is not an option, so interest in implementation and maturation of Privileged Access Management (PAM) solutions has surged. Vaulting and rotating credentials, delegating privileges, and monitoring privileged session activity are common and crucial lines of PAM defense, but the rapid proliferation of threats has elevated the importance of other PAM concepts, such as least privilege, application control, privileged user analytics, and risk-based session monitoring. Insight into what happens during privileged access is equally important, so discovery of assets, tracking of administrative accounts, and monitoring and auditing of user and machine privileges must be part of an organization’s security strategy.

BeyondTrust’s Solution & KuppingerCole’s View

BeyondTrust Endpoint Privilege Management enables organizations to stop known and unknown threats (i.e. zero days) by eliminating unnecessary privileges and coupling that capability with powerful application control features. Endpoint Privilege Management utilizes a just-in-time (JIT) model for privileged access that dynamically elevates the application, script, or command based on end user-specific security policies—without the necessity of sharing credentials or granting standing, or persistent, privileges. Company resources are kept secure, and access is analyzed and extensively audited.

In their Executive Review report, KuppingerCole positions BeyondTrust Endpoint Privilege Management as a layer between traditional antivirus (AV) endpoint detection and response (EDR) software. BeyondTrust’s solution catches threats that slip through standard AV protections. Additionally, potential malware that is introduced via common applications like Adobe Reader and MS Office are intercepted with Endpoint Privilege Management’s unique Trusted Application Protection functionality.

In their report, KuppingerCole recognizes BeyondTrust’s numerous deployment options, including on-premises and cloud, highlighting that implementation “should be relatively easy for many customers,” with QuickStart policies to get up and running immediately. KuppingerCole specifically calls out the strength of BeyondTrust’s integrations with third party tools from vendors such as SailPoint, Splunk, and others. KuppingerCole also highlights the BeyondTrust solution’s built-in analytics dashboards and the file integrity monitoring capabilities of Privilege Management for Unix & Linux.

Get the KuppingerCole Report

There’s much more to be found in the full version of the KuppingerCole report Executive View: BeyondTrust Endpoint Privilege Management. BeyondTrust is pleased to offer a complimentary copy of the paper. Download it now for KuppingerCole’s take on:

• The modern privilege management market
• Key challenges that drive the need for privilege management
• Elements of a successful PAM solution/implementation
• BeyondTrust Endpoint Privilege Management features and product integrations
• BeyondTrust Endpoint Privilege Management strengths and challenges