What is NIST Privileged Access Management?

FAQs


Privileged access management (PAM) encompasses the cybersecurity strategies and technologies necessary to secure, monitor, and control privileged access accounts, i.e., user accounts that have more privileges than ordinary user accounts.

NIST Special Publication 800-53, published by the National Institute of Standards and Technology, offers a catalog of cybersecurity and privacy controls for all U.S. federal agencies and information systems except those related to national security.

NIST 800-53 incorporates controls based on threat intelligence and empirical attack data, including controls to strengthen PAM cybersecurity and privacy governance and accountability.

NIST 800-53 also requires organizations to apply the principle of least privilege, i.e., limiting the access rights of users, accounts, and computing processes to the minimum they need to perform their jobs, and nothing more.

A strong privileged access management tool can help companies that want to apply the NIST 800-53 cybersecurity controls become NIST compliant and better able to prevent cyber attacks. A robust privileged access management tool also protects the federal government’s sensitive data and citizens’ personally identifiable information (PII).

PAM strategies and technologies address the vulnerabilities that arise when users with high-level permissions need to access critical systems. For example, users with privileged access accounts might be required to install or remove software, upgrade the operating system, or modify system or application configurations.

Also known as system administrator accounts, privileged access accounts give users elevated, often unrestricted access to a company’s underlying information systems and infrastructure. As such, they are prime targets for both external attackers and insider threats. Cybercriminals who compromise a privileged account can use it to reach corporate resources and critical information systems, leading to data breaches.

Organizations, including those in the financial services sector, face challenges in managing privileged accounts. Weak privileged account management exposes their businesses to significant risk, including data theft, sabotage, espionage, and ransom demands, as well as employees bypassing critical access controls.

An effective privileged access management tool addresses areas such as advanced credential security, user activity monitoring, and access control for information systems and data. PAM tools help ensure that users have access only to what they need to do their jobs.

To address these challenges, the National Cybersecurity Center of Excellence (NCCOE) at the National Institute of Standards and Technology, working with technology vendors and experts from the financial services sector, developed a guide offering practical guidance to financial services companies that want to implement privileged account management tools.

The National Cybersecurity Center of Excellence’s guide demonstrates PAM solutions built from commercially available products that help organizations in the financial services sector secure privileged access and enforce corporate policies for it.

The NCCOE’s PAM reference guide illustrates how combining monitoring, auditing, and access controls can help organizations in the financial services sector prevent unauthorized use of privileged access accounts.

The NCCOE’s practice guide for privileged access management can help companies in the financial services sector:

  • Identify vulnerabilities and risk factors that could lead to cyber attacks,
  • Limit the chances for successful cyber attacks by improving access control over privileged accounts,
  • Improve efficiencies by decreasing the complexity of managing privileged access accounts,
  • Simplify compliance by generating automated reports and documentation.