1 September 2022

Technology review by Anthony Van den bossche, Technical Consultant, Inetum-Realdolmen

You don't need a cannon to shoot a large animal. In principle, a single well-aimed bullet from an ordinary rifle can do the job. With our simple but effective new identity management application, we at Inetum-Realdolmen can demonstrate that this is just as true of IT issues: a major IT issue does not always require a large or expensive solution.

The major issue in question is the security of special privileged accounts, for which our in-house consultants at Inetum-Realdolmen have devised a low-threshold, affordable solution that works extremely effectively. These are accounts with high(er) level access rights, which allow, for example, managing an application or performing significant actions within a system. It could be a domain manager’s account or an account for approving financial expenditures. This is precisely why they are extremely valuable targets for cybercriminals. The greater permissions allow criminals to navigate unnoticed through business networks, make changes to critical systems and applications, and gain access to highly confidential information.

Time-limiting rights

The problem nowadays is not only that these privileged accounts are literally everywhere, in every IT environment including the cloud, but also that in many cases they have become permanent fixtures. This means the door is always open to cybercriminals. In addition, IT administrators do not always know what employees are doing with their privileges. Malicious insiders can therefore easily abuse their position without anyone noticing. To round out this worrying picture, third parties such as suppliers and customers increasingly enjoy higher level rights in our network economy, and we do not always know exactly where they are present in our systems.

To win this crucial battle in the ongoing war against cybercriminals, both inside and outside our organization, we first need to reduce the number of privileged accounts. The next step is to find a solution that protects, tracks and manages the remaining privileged accounts. Self-Service PIM (Privileged Identity Management), developed by Inetum-Realdolmen, is a solution that does exactly this. For example, Self-Service PIM ensures that privileged accounts are only valid for a limited period. The higher level rights are also assigned just in time: when you actually need them, you request them and they are assigned automatically. It is just as important that these higher level rights are automatically withdrawn after a fixed time interval. As an administrator, you can also easily monitor all privilege escalations.

Cloud solution for on-premises management

We are convinced that our Self-Service PIM is filling a gap in what is available from other suppliers. As a rule, they offer either too much or too little functionality. In the first case, their solution is too expensive for many customers; in the other case, it is not really effective. By contrast, the functional focus of our solution is almost exclusively on management of privileges and is limited to the on-premises infrastructure of our customers. Now that we live in a cloud world and increasingly work in a cloud economy, we sometimes lose sight of the on-premises aspect. The reality is that nowadays almost all our customers operate in a hybrid environment. This means, for example, that they still have an on-premises Active Directory. And they still have to manage their identities in this on-premises environment, not just in the cloud.

Remarkably, Self-Service PIM is a pure cloud solution. It’s essentially a web application running on Microsoft Azure. In other words, customers do not need to install the application themselves. All they need to do is to install an on-premises agent, which then performs all the actions driven by the web application. This agent can also be downloaded using the same web application, which can be purchased via Azure Marketplace. Unlike most other PIM solutions on the market, customers can perform the minimal configuration on their own. There are no significant implementation or consultancy costs involved when using Self-Service PIM. The result is a focused solution that not only works effectively and delivers what it promises, but is also easy to learn and affordable.

