Zero Standing Privileges (ZSP)
ContentsTraditional PAM creates standing privileges Gartner Zero Standing Privileges recommendations
Zero Standing Privileges (ZSP) is a term coined by analysts, Gartner, to describe the target state for privileged access in an organization to minimize risk of stolen credentials, privilege abuse, breaches, data loss and non-compliance.
Traditional PAM creates standing privileges
Typically, any organization with network infrastucture or any critical data or assets, has personal privileged accounts in play - privileged accounts and privileges exist. Traditional PAM tools have relied on the creation of accounts and privileges.
As the need for privileged access provisioning has grown in complex environments, enterprises face challenges to achieve ZSP. Administrative and maintenance access that includes broad privileges, persistant shared accounts, superuser and root accounts, never-offboarded 3rd party privileges, and password-based access to systems and applications, all contribute the growth of standing privileges.
Organizations that need reduce their attack surface, mitigate the risk of data breaches and achieve compliance should make it a priority to eliminate standing privileges and move towards Zero Standing Privileges.
Gartner Zero Standing Privileges recommendations
Gartner's summary of their Remove Standing Privileges Through a Just-in-Time PAM Approach research states: "The existence of privileged access carries significant risk, and even with PAM tools in place, the residual risk of users with standing privileges remains high. Security and risk management leaders engaged in IAM must implement a zero standing privileges strategy through a just-in-time model."