Protecting privileged credentials is essential in the cybersecurity strategies of companies of all sizes and verticals. According to Verizon in its Data Breach Investigations Report 2021, 61% of data leaks involved privileged credentials. No wonder they are called “keys to the kingdom”, as they allow access to valuable information from the organization and which are often targeted by cybercriminals. Thus, protecting these “keys” from malicious attackers, granting secure access, and properly monitoring the actions performed in the environment through privileged access is essential not only in your cybersecurity strategies but also for business continuity.
It is no wonder that Gartner has chosen Privileged Access Management, or PAM, as the number-one security project for two years in a row. But what are the main trends and which capabilities offered by senhasegura meet the requirements established by the market according to Gartner?
First of all, we need to address what Gartner is and its importance to the technology market. Founded in 1979 in the city of Stamford, Connecticut, Gartner works through its network of 16,000 associates spread across 100 countries, assisting organizational leaders with their business insights. What makes Gartner different from other companies in this market is that, while most of them work only with management consulting for their clients, Gartner also works in the development of market research, in addition to events, when its analysts offer tech-related sessions for their clients and non-clients.
Gartner defines the PAM market as a fundamental security technology that aims to protect human and non-human accounts (also called machine accounts or service accounts), credentials, and operations that offer a high level of privilege. This type of privileged access differs from others in that it allows maintenance features, configuration changes, and adjustments to the security controls implemented in an organization’s infrastructure. Thus, it is necessary to properly manage all accesses performed in the environment, and only authorized users should be able to access data and systems. It is worth mentioning that in a scenario of increasing cyberattacks and data leaks, one needs to implement strict controls to manage privileged user access. It is estimated that, by 2022, 90% of organizations will recognize that mitigating PAM risk is fundamental risk control, a 70% increase over 2020.
Since 2020, Gartner finds that the PAM market continues to mature with accelerated adoption. It is estimated that the size of this market will reach $2.9 billion in 2024, an increase of more than 50% if compared to 2018, and that it will reach $2.2 billion in 2021, an increase of 16% over the previous year. Also, Gartner estimates that, by 2022, 70% of organizations will implement practices associated with PAM across all of their use cases, a 40% increase over 2020.
This expansion comes through the increased adoption of PAM by companies of all sizes. Once limited to medium and large companies, we have seen increasing PAM implementation in small organizations, primarily due to the shift in cyberattackers’ focus. As global companies already have a certain maturity in cybersecurity, hackers have preferred to take advantage by exploiting vulnerabilities in those most vulnerable companies, which in many cases do not even have a specific area for Information Security. By 2022, 60% of organizations will realize the benefits of PAM, in addition to the greater reliability and faster responses to changing IT environments, a 30% increase over today. And to respond to this scenario, also considering the migration to remote working models, PAM vendors started to offer solutions in SaaS environments. This implementation model allows lower licensing, deployment, and operation costs as well as lower Time to Value.
In this scenario, while small businesses are starting with basic PAM use cases such as credential discovery, remote session management, and elevation of privilege, larger companies have been exploring more advanced use cases. These cases include, for example, protecting credentials used by machines and software, the so-called secrets, and auditing privileged sessions. In addition, global and large organizations have also been demanding more elevation of privilege for a limited time through Just-in-Time (JIT) approaches, allowing for a smaller attack surface and reduction of cyber risks.
To help organizations of all sizes choose which PAM solution to deploy in their infrastructure, IT leaders should use Gartner’s Magic Quadrant reports as a guide. The Magic Quadrant for PAM allows you to assess different vendors and their market positioning, as well as their vision and how they perform according to Gartner’s market vision. This is done through the two axes of the quadrant: one axis representing the vendor’s market awareness, called Completeness of Vision, and the other that reflects the Ability to Execute its market view.
In the Magic Quadrant for PAM 2021 report, Gartner highlights the attention vendors have paid to remote privileged access and secret management in DevOps environments, as well as how PAM is currently a mature market. Even with a reduction to 10 vendors in the Magic Quadrant, once again, senhasegura was present as the only one from Brazil and Latin America. Positioned as a Challenger vendor, senhasegura stood out for its considerable evolution in the Ability to Execute axis.
As a strong point, Gartner’s report brings the rapid improvement in senhasegura’s capabilities and our ability to deliver new product features in the last year. According to Gartner, senhasegura has one of the most technically advanced PAM solutions. Also, the report highlights our ability to discover and add privileged accounts and to automate privileged tasks, or PTA. Gartner chose senhasegura as the best solution on the market in these aspects. Another highlight in the report was our pricing policy, which is considered highly competitive and below average for all scenarios assessed by Gartner.
Finally, the report brings the Customer’s Choice distinction as a strong point of senhasegura, which is obtained through the Peer Insights review platform. In their reviews, clients positively rated the ease of use of our PAM platform, highlighting the user-friendly interface and easy-to-implement features.
As a roadmap, Gartner highlights our plans to use Artificial Intelligence to analyze sensitive data in automation scripts and source code, in addition to the inclusion of Cloud Infrastructure Entitlement Management (CIEM) capability.
Senhasegura are proud of the work they have done and the recognition of all this effort not only by Gartner, through the Magic Quadrant report, but also by their clients through the Peer Insights platform. These results indicate that we are on the right path towards the next magic quadrant: the leaders.