Education & Training

Services & Support



{{search ? 'Close':'Search'}}

Privileged Access Management

The Keys to the Kingdom—Are You Protecting Yours?

CA POV on PAM [0:42]

Related Videos


The Challenges of Privileged Access Management

Privileged access continues to face three primary challenges:

  1. Privileged accounts have the permissions and entitlements that, if in the wrong hands, allow an attacker to access and steal sensitive data. But organizations have struggled to control access because, historically, these accounts and their passwords are shared across multiple individuals.

  2. Privileged accounts are often over-granted entitlements to perform key activities like configure, operate or maintain the underlying systems—so, removing or blocking access to these accounts is not a feasible option. Emerging best practices are now advocating to separate these into a more granular set of capabilities.

  3. To validate the effectiveness and worth of restraining access, many organizations need to first discover what privileged accounts are in their environment and then implement a solution that satisfies audit, security and compliance concerns without disrupting operational efficiency.

What is privileged access management?

Privileged access management is the creation and enforcement of controls over users, systems and accounts that have elevated or “privileged” entitlements—examples: admin or root accounts, application accounts. While the creation of these accounts is often governed by companies, the use of these accounts is far too often shared across multiple individuals within the company. These are commonly referred to as shared accounts.

Many public breaches are due to the compromising of privileged accounts. External hackers and insider threats seek out and exploit shared or privileged accounts because of the entitlements they hold as “keys to the kingdom.”

Privileged access management technologies focus on providing granular authorization of users to systems and accounts, auditing and recording attempts to access, as well as vaulting and rotating the privileged account’s credentials including passwords or key/token-based authentication.


Selecting the Right Solution

Privileged Access Management solutions from CA are one of the critical technologies that businesses are implementing to combat insider threat and targeted breaches. The journey for most organizations often starts with privileged password vaulting and issuing these credentials through a checkout process. This gives organizations the ability to control who has access to these accounts and auditors the visibility into who is actually using these accounts and what they are doing.

However, this is not the end state. By necessity, digital transformation changes, accelerates and automates how code, machines and human identities interact. Risk and security concerns become more amplified because these initiatives inevitably result in more points of access that are outside of existing controls and that are accessible by a greater number and more diverse set of identities than before.

The enterprise’s cybersecurity and insider threat strategy needs to evolve with the changing times. Determining which identities should have access to specific services and resources, managing their credentials to the resources and ensuring that the access is appropriate with minimal manual intervention and based on policy is a central challenge to enabling automation, scale and speed. For privileged access management to serve as a key enabler for digital transformation and not be a choke point, the technology and tools need to deliver a consolidated and extensible solution to the risks created by the transformation journey.


Calculating the Cost

Unfortunately, not all privileged access technologies are created equal. Some offer the promise of lower start-up costs, ease-of-use or quick integration for your initial use case but turn out to be very costly as the enterprise seeks to move beyond their pilot project.

Additional hardware, costly value-add capabilities and mounting support costs lead some to question if the cost of security is greater than the risk of a breach. It is not—a breach is far more expensive to the organization than the security to combat it, but there are limits.

Whether you are searching for your first privileged access product or looking to change your current technology, it is critical to factor the total cost of ownership into your evaluation criteria.

Click to watch video


Featured Products


Protect against compromised accounts.

Guard against costly data breaches by protecting a critical attack vector: compromised privileged accounts.

Control access to hybrid environments.

Enforce network- and host-based access controls for enterprise and hybrid cloud applications and data.

Increase security and reduce risk—now.

Experience quick time-to-value via a solution that is easy to deploy and use and provides enterprise scalability.

Want to learn more about combating insider threats and targeted breaches?

Getting Started

Find answers and share knowledge with your peers through interactive forums.

Add to an existing CA product.

Get in touch with CA.

Contact Us

We're here to help move your business forward.

View more ways to contact us >