Who owns the data in your organization? If you’re like many, there’s a chance it’s fragmented. Maybe legal owns governance while security owns data security. IT, legal, security and line-of-business owners might share tasks. Perhaps there is no real data governance or oversight at all. What we hear from people across all industries, though, is that whether they have a mature governance and data security program or a nascent collection of policies expected to evolve over time, there is one specific avenue that remains difficult to address: controlling access to sensitive data. Zero trust and other access controls can help.
Combining Zero Trust and Other Tools
There are plenty of articles extolling the virtues of combined data security and access management tools — and with good reason. By always watching a user’s actions and data security posture and quickly adjusting access privileges as needed, you can preserve data privacy, meet data compliance needs and ensure a zero trust architecture.
But what about privileged access management (PAM)? Privileged accounts are expanding rapidly, becoming more complex and taking more in stride. Today, containers, servers and apps can all have privileged access. This widens the borders of a privileged account as well as the attack surface for bad actors looking for an entry point.
Often, businesses do not practice good hygiene around privileged credentials. They don’t set limits for them beyond typical access policies dictating where, when or how users can access these sensitive accounts. Beyond this, PAM oversight is less easily added into data securit ..
Support the originator by clicking the read the rest link below.
