EDITOR’S QUESTION
access management (PAM) solutions
can control the user’s access but cannot
control the file system and access tasks
executed by processes, nor perform data
discovery within files. File system and process
solutions (DCAP) can provide segmentation
and encryption to files and directories
dynamically but cannot control the actual
user being authenticated in the first place.
This is true for File Integrity Management
(FIM) solutions as well. Authentication is all
or nothing.
As stand-alone solutions, both components
effectively manage a portion of the access
model but only when combined, or used
together, do they completely protect the
entire stack from malicious access. The
solution to protecting online data utilises
both Privileged Access Management
(PAM) technology and Data Centric Access
Policy (DCAP) strategically to block threats
vertically along the traditional computing
model. This includes managing privileges
with a PAM solution and controlling the
file systems, data contents and encryption
with a DCAP technology. This satisfies all
the use cases from the cloud, to on-premise
implementations for securing data online.
Therefore, complimentary security solutions
are becoming the methodology of choice to
protect online data, since one discipline alone
cannot satisfy all of the use cases effectively
and threats from a potential attacker or
insider threat need a blended approach in
order to be effective.
www.intelligentcio.com