We are proud to be included in KuppingerCole’s "Leadership Compass 2020: Privileged Access Management" as one of the Overall Leaders. A direct quote from the report:
“The PAM market is becoming more competitive and size alone will no longer keep vendors at the top. This is especially true in a period when vendors like SSH.COM can go from Challenger to Leader in one year due to a strong focus on technology and innovation."
– Paul Fisher, Leadership Compass 2020: Privileged Access Management
This is an important point for us. We believe that we offer a truly different and unique alternative for managing access for administrators, developers, 3rd parties and agile DevOps teams. Also, our customers often emphasize the following three benefits:
If you are hosting a large environment where the majority of your applications are hosted on physical servers, we don’t even pretend PrivX is the only solution. Traditional PAM vendors built their solutions when ‘physical’ was all the rage.
PrivX uses a more modern approach, like microservices architecture. It is therefore a multi-cloud-native and on-premise friendly solution, where cloud features are not an add-on, but built-in from the very start.
If you run a host environment, where you use only one cloud service provider (like Azure), you can perhaps manage with native tools. When migrating to the cloud, however, you are more likely to mix your services, like adding Amazon Web Services (AWS) and Google Cloud Platform (GCP) to the mix, while still managing physical servers. Additionally, moving your applications to the cloud is rarely a ‘lift-and-shift’ project, it’s a gradual process.
All of a sudden, the number of configurations needed is multiplied, the tool stack grows, developers hop from one console to another – and your administrator runs the risk of losing sight of who has access to what resources, why, and at which level of privilege.
PrivX can centralize your access needs into one, UI-based solution. Your developers get a single sign-on (SSO) to only their available servers, automatically every time they log in. Your admins enjoy automated cloud host discovery (and painless dev onboarding and offboarding). Your R&D team enjoys operational efficiency at the speed of DevOps. It’s just one-click to hybrid cloud for them.
Cloud is where the savings are: choose an access solution that fits the bill when migrating.
Uber has their own certificate authority, Facebook has built a scalable and secure access with SSH and Netflix has their BLESS. These are some of the most forward-looking companies, and they are looking for ways to solve their access challenges that are often related Secure Shell (SSH). These three companies have built certificate-based access solutions in-house instead.
Why? An SSH key is an access credential in the SSH protocol used for automated processes, and for implementing single sign-on by system administrators and power users. SSH keys are easy to use and configure, and for that reason they are being regularly generated in the thousands. This is a serious security and compliance risk, since these keys never expire by default, and can be used and shared without an identity associated to them and tend to accumulate over the years.
With certificates, you can operate differently. As described by Uber, Facebook and Netflix, the task of rotating, managing and deleting keys becomes easier. But even then, the problem of existing SSH keys in your critical IT infrastructure persists.
We took this innovation a step further. In fact, we can help your developer teams establish SSH and RDP connections, without anyone ever having to configure any access credentials (like SSH keys) at all. Our PrivX is a centralized access management gateway and a certificate authority (CA) that creates a method for just-in-time (JIT) authentication.
As opposed to always-on credentials like SSH keys or RPD passwords, our solution offers an always-temporary access.This has several benefits:
This aligns well with the Zero Trust framework (don’t trust verify) and Gartner’s Remove Standing Privileges Through a Just-In-Time PAM Approach. Now, KuppingerCole states in their report that:
“It’s an innovative approach but one that does bring functional and security advantages – access is faster, onboarding and offboarding of privileged users is quick and there are no passwords to issue or lose, since there are no permanent leave-behind credentials. Furthermore, users never handle or see any credentials or secrets at any point when accessing servers.” – Paul Fisher, Leadership Compass 2020: Privileged Access Management
Agreed.
Working from home and secure remote access for developers, administrators and 3rd parties are here to stay. Case in point: Twitter announces employees will be allowed to work from home ‘forever’. How quickly can you scale your services when needed, and how fast can you can respond to changes is therefore more important than ever.
These are the questions to ask:
We have been challenging the access market for some time. At the same time, modern companies are looking for solutions that help them migrate to cloud. Such as ensuring that:
We are very proud to have risen from a KuppingerCole Challenger to an Overall Leader in just a year. Many other companies have taken years to make this leap. We’ve made sure that our product development cycles are fast and customer projects take just days, so that that we can deliver value to our customers quickly.
Maybe it's time for you to challenge your notions about what privileged access means and how it should be implemented?
Download the full 2020 KuppingerCole Leadership Compass: Privileged Access Management report for free here.