It’s impossible for a day to pass in which we don’t hear news of yet another data breach, with its resulting loss of proprietary secrets, financial records or personal information. These incidents span all sectors of the economy: commerce, education and government. Already an annual drag on the worldwide economy accounting for hundreds of billions of dollars a year in costs, without immediate and aggressive action it’s projected the bill for cybercrime will mount to the trillions of dollars in less than a decade. Beyond reckoning is the devastating impact to individuals who have suffered the compromise of the most intimate details of their personal lives.
Security specialists have striven to establish perimeter-based defenses that, in the most simplistic of terms, keep the bad guys out and let the good guys in. The never-ending string of breaches we’re witnessing offers prima facie evidence these perimeters have failed at their primary goal. As a consequence organizations are coming to grips with the realization an essential new layer of security, focused specifically on the protection and management of identities, is a critical new requirement in efforts to stem the tide of breaches. Of these identities, none are so critical as those belonging to privileged users. By providing the “keys to the kingdom,” the theft and exploit of these credentials increasingly serves as the principal attack vector in breach after breach.