Can we restore trust in the idea of privileged access? (Image Credit: Alex Kotliarskyi on Unsplash)

Privileged access management (PAM) has been a talking point for decades in the IT industry. The risks of getting it wrong have been disastrous for many companies. So why are we still struggling to make sense of PAM, and what needs to be done to improve how we use it?

To get some answers to that question, Enterprise Times sat down with Andy Harris, CTO at Osirium. We started by asking him, how do we restore trust in the idea of privileged access? And how do we begin to show people that Privileged Access Management actually can work?

Andy Harris, CTO, Osirium (Image Credit: Osirium)

Harris says, “The history of most companies is bits of acquisitions, bits of change, people that have been in the organisation a long time and have acquired lots and lots of privileges that maybe they shouldn’t have.” All of this creates pain points. Those acquired privileges mean that users have access to things they shouldn’t.

So how do we address this? Harris says that the starting point has to be separating people from the credentials. He believes that we should create roles with given sets of credentials that we know and understand. Users are then added to the roles and removed when they no longer need the role.

Where this pays off big time is when users change roles. You can leave them in the existing role for a while but move them into their new role by creating a parallel profile for that user. After a while, you just remove the old role. It prevents the roll-up of privilege that happens too often.
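The mover handling described above can be sketched as a small model. This is an added example, not code from Osirium or from the interview; the role names, credential labels and the 30-day overlap are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

# Constructed sample roles: credentials belong to the role, never to a person.
ROLE_CREDENTIALS = {
    "db-admin": {"prod-db:root", "backup-server:operator"},
    "network-ops": {"core-switch:admin", "firewall:operator"},
}

@dataclass
class Assignment:
    user: str
    role: str
    start: date
    end: Optional[date] = None  # None means open-ended membership

def move_user(assignments, user, new_role, when, overlap_days=30):
    """Add the new role as a parallel profile and put an end date on the old ones."""
    cutoff = when + timedelta(days=overlap_days)  # assumed grace period
    for a in assignments:
        if a.user == user and a.role != new_role and (a.end is None or a.end > cutoff):
            a.end = cutoff
    assignments.append(Assignment(user, new_role, when))

def effective_credentials(assignments, user, on):
    """Credentials the user can reach on a given day, derived only from active roles."""
    creds = set()
    for a in assignments:
        if a.user == user and a.start <= on and (a.end is None or on < a.end):
            creds |= ROLE_CREDENTIALS[a.role]
    return creds

def rolled_up(assignments, user, on):
    """Flag privilege roll-up: more than one open-ended role active at once."""
    open_roles = [a.role for a in assignments
                  if a.user == user and a.start <= on and a.end is None]
    return sorted(open_roles) if len(open_roles) > 1 else []
```

Running `rolled_up` over an existing assignment list is a quick audit for users who were given a new role without an end date on the old one.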

We also asked Harris if IT was the right place to handle all of this. After all, HR has a better understanding of joiners, movers and leavers (JML). His view is that there is a complexity that HR will struggle with when it comes to what people need. For IT, that is not good news. It means it is stuck with this problem going forward.

To hear what else Harris said and other ways of dealing with the problem, listen to the podcast.

Where can I get it?

You can listen to the podcast by clicking on the player below. Alternatively, click on any of the podcast services below and go to the Enterprise Times podcast page.

Enterprise Times on Spotify (Image Credit: Spotify)

Enterprise Times on Soundcloud (Image Credit: Soundcloud)

Enterprise Times on Google Podcasts (Image Credit: Google)

Enterprise Times on Stitcher (Image Credit: Stitcher)

Enterprise Times on Podchaser (Image Credit: Podchaser)
