Rajesh Ganeshan, Vice President-Product Management, Manage Engine, speaks about the leading trends in cyber security and about Privileged Access Management (PAM), an often overlooked area of cybersecurity.
What are some of the leading trends in cybersecurity today?
Privileged access management is a leading trend and it in today’s context, it becomes very important that only those with privileged access to a certain account can access that account. For instance, I could be having a very high privilege to access one function, but that doesn’t automatically mean I have similar access to other functions as well. So how does one manage these different levels of access, while protecting data, and how does one ensure good governance around this? So privileged access management has become very important now.
Another trend is that of protecting data leakage points and understanding the various different points through which data might be leaked out. For instance, people could use code words to leak information and data. I was told that in a certain company, people used the word ‘pizza’ to mean Bitcoin. This is just an example of data leakage. There is also something known as data exfiltration. For instance, people may not steal huge amounts of data in one go, they will siphon it off, bit by bit. So we need systems and controls that not only look at infrastructure, but also assess people’s behavior and patterns etc, to arrive at solutions.
How does Manage Engine make its presence felt in the cybersecurity realm?
So far, for PAM, Manage Engine has had products for the last ten years, that focused on specific technologies only. We focused on protecting access to Windows Systems and Legacy Servers, but going by recent trends, these are simply not enough to tackle the growing technology. So now we are launching something called PAM 360, which will assess every single component of your infrastructure, and look for privileged access and abuse. Are only the right people getting access? Who approved that access? Once they get that access what do they do? If in case they do something that they should not do, can you force them out? All these aspects are built together in a single platform.
The PAM 360 is a comprehensive solution with inbuilt analytics, so it not only looks at systems and applications, but people’s behavior as well. Most of the highly potential attacks happen because of insiders with a lot of privilege. Because, very often, people are given privileges that they need not have. People working on a certain function need only certain privileges. If they move to another function, the earlier privileges should be revoked, and new ones assigned. This process is important and the system should have the intelligence to understand that a person has moved on to another function and so his privileges should be reviewed.
Do you think a lot of data leakage and PAM abuse happens because of lack of awareness?
Absolutely. It is lack of approach that is fuelled by the lackadaisical culture of the organizations, with their top-down approach. Very often, people who are hands on with these security systems spot loopholes and possible abuse points, but they don’t have proper channels to raise their voice. They ether feel insecure or don’t open up. This is because companies don’t create an open culture, and proper communication between the different tiers in an organization is often missing.