The Zero Trust Framework and Privileged Access Management (PAM)

✍ Scribed by Ravindra Das

Publisher: CRC Press
Year: 2024
Tongue: English
Leaves: 126
Edition: 1
Category: Library

No coin nor oath required. For personal study only.

✦ Synopsis

This book is about the Zero Trust Framework. Essentially, this is a methodology where the IT/Network Infrastructure of a business is segmented into smaller islands, each having its own lines of defense. This is primarily achieved through the use of Multifactor Authentication (MFA), where at least three more authentication layers are used, preferably being different from one another.

Another key aspect of the Zero Trust Framework is known as Privileged Access Management (PAM). This is an area of Cybersecurity where the protection of superuser accounts, rights, and privileges must be protected at all costs from Cyberattackers. In this regard, this is where the Zero Trust Framework and PAM intertwine, especially in a Cloud-based platform, such as Microsoft Azure.

However, as it has been reviewed in one of our previous books, the use of passwords is now becoming a nemesis, not only for individuals but for businesses as well. It is hoped that by combining the Zero Trust Framework with PAM, password use can be eradicated altogether, thus giving rise to a passwordless society.

✦ Table of Contents

Cover
Half Title
Title
Copyright
Dedication
Table of Contents
Acknowledgment
Chapter 1 Introduction
Chapter 2 The Zero Trust Framework: The Origins of the Zero Trust Framework
In 2011
In 2018
In 2019
In 2021
From 2021 to Present
The Demise of Perimeter Security
The Emergence of the Zero Trust Framework
The Basic Zero Trust Framework Model
What Is Segmentation?
The Advantages of the Zero Trust Framework
Best Practices of the Zero Trust Framework
The Disadvantages of the Zero Trust Framework
Some of the Best Practices
The Flaws with the Traditional Zero Trust Framework Model
Chapter 3 The Components of Privileged Access Management: What Exactly Is PAM?
The Features of a PAM Service
The Challenges of an On-Site PAM Solution
Vendor-Based PAM
The Different Types of PAM Accounts
Non-Privileged Accounts
Privileged Accounts for End Users
Privileged Accounts for Machines
How to Determine Who Gets PAM Privileges
The Security Risks Posed to PAM Solutions
The Four Pillars of Privileged Access Management
Privileged Access Management versus Personal Identity Management
A Review of Privileged Access Management
A Review of Privileged Identity Management
Other Related Areas of Privileged Access Management
A Review of Cloud Infrastructure Entitlement Management
A Review of Just-in-Time Access
The Security Issues Privileged Access Management "Sprawl"
Where Privileged Access Management Sprawl Exists – The IaaS
Various Issues of Privileged Access Management in the Cloud
What Businesses Really Need
The Battle between On-Premises and Cloud-Based Privileged Access Management
The Best Practices for a Privileged Access Management Cloud Deployment
The Weakness of Repeated Authorization and Authentication
The Strains of On-Prem PAM
Why PAM Is Better Suited for the Cloud
The Advantages of Using PAM in the Cloud
A Best Practices Guide for Deploying a PAM-Based Solution
The Mistakes That Are Made When Deploying PAM Solutions and How to Fix Them
The Importance of Just-in-Time (JIT) Access
The Four Pillars to PAM Success
The Finer Points of Privileged Access Management
Privileged Session Management
Privileged Access Management in the Cloud
The Limitations of Traditional PAM Models in the Cloud
Conclusions
Chapter 4 The Passwordless Society: Introduction
The Components of a Passwordless Society in the Zero Trust Framework
The Origins of a Passwordless Society
IEEE P1363 – Wikipedia
Key Considerations for the Passwordless Society in a Zero Trust Framework
The Key Stakeholders in the Passwordless Society
Set-Up the Plan
Index

📜 SIMILAR VOLUMES

Designing an IAM Framework with Oracle I

📁 Designing an IAM Framework with Oracle Identity and Access Management Suite

✍ Jeff Scheidel 📂 Library 📅 2010 🏛 McGraw-Hill Osborne Media 🌐 English

Maintain a high-performance, fully integrated security foundation across your enterprise using the detailed information in this Oracle Press guide. Designing an IAM Framework with Oracle Identity and Access Management Suite explains how to reduce risk exposure by effectively managing your full spect

Designing an IAM Framework with Oracle I

📁 Designing an IAM Framework with Oracle Identity and Access Management Suite

✍ Jeff Scheidel 📂 Library 📅 2010 🏛 McGraw-Hill Education 🌐 English

Develop and Implement an End-to-End IAM Solution Maintain a high-performance, fully integrated security foundation across your enterprise using the detailed information in this Oracle Press guide. Designing an IAM Framework with Oracle Identity and Access Management Suite explains h

Health informatics. Privilege management

📁 Health informatics. Privilege management and access control. Implementations

📂 Scientific

Health informatics. Privilege management

📁 Health informatics. Privilege management and access control. Overview and policy management

📂 Scientific

The Zero Trust. Framework Threat Hunting

📁 The Zero Trust. Framework Threat Hunting & Quantum Mechanics

✍ Ravindra Das 📂 Library 📅 024 🏛 CRC Press 🌐 English

The Zero Trust Framework: Threat Hunting

📁 The Zero Trust Framework: Threat Hunting & Quantum Mechanics

✍ Ravindra Das 📂 Library 📅 2023 🏛 CRC Press 🌐 English

The Cybersecurity landscape is a daunting one today. It is nothing like it was 10 years ago. Now, it has become very complex, covert, dynamic, and stealthy. It has literally become a cat and mouse game, in which the Cyberattacker is still one step ahead. This is despite all of the technolog