When access is a privilege; Senhasegura bolsters its PAM platform

Credentials are candy to hackers; whether granted to people, machines or automated processes, they unlock the doors to access, management and alteration (and theft) of confidential data and critical features.

And within organizations, there are a multitude of accounts, devices and users with various types and levels of privileged credentials — but management of sprawling systems can often be a challenge, thus increasing exposure to leaks and attacks.

“It is precisely because privileged credentials offer such powerful access to critical resources that they are one of the favorite targets of malicious attackers,” said Marcus Scharra, cofounder and co-CEO of Senhasegura. 

This increasing risk has given rise to privileged access management (PAM), a set of information security strategies and tools that manage and protect identities within an organization. 

“Simply put, PAM is a solution that provides layers of protection to the operational environment to prevent cyberattacks, risk of data breaches, and financial losses from high-resource accounts,” said Scharra, whose company today announced a $13 million series A investment from Graphene Ventures to help bolster its PAM platform. 

Higher levels of protection with PAM

Experts describe PAM as a subcategory of identity access management (IAM); platforms typically feature automated password management such as vault capability, auto-rotation and generation.

The market for such tools is expected to reach $19.7 billion by 2030. Some top vendors include IBM, Delinea (formerly Thycotic), CyberArk, Broadcom and Osirium. 

Market growth is being driven by growing government regulations, rising cloud adoption and hybrid work structures — and, most notably, increases in cyberattacks due to internal threats. 

In fact, according to Verizon’s 2022 Data Breach Investigations Report, an incredible 82% of cybersecurity breaches are due to a human element. The World Economic Forum puts it at even higher than that: 95%. 

“Privileged accounts have privileged access that can negatively impact production systems or other business outcomes, including access to sensitive information,” according to Gartner.

Ideally, the firm says, privileged access should be just in time — that is, authorized users gain it for a short time, then lose it (until they require it again). And, while some exceptions will have to be made, these should be kept as low as possible. 

“The ratio of always-on accounts to individuals who may use them, is a protection level for unauthorized access to sensitive, powerful accounts and a value measure for your investment in privileged access management,” according to Gartner. 

Strict access controls

Senhasegura’s flagship 360º Privilege Platform automates and centralizes strict access controls to help meet compliance requirements, said Scharra. The platform is differentiated because it is available in both software or hardware, he said (he pointed out that most PAM providers offer only software versions). Also, the company has built the tool from scratch. 

The platform manages the full certificate life cycle: discovery, expiration, automatic renewal and republishing. As Scharra noted, this helps reduce business outages and enables greater efficiency and security. 

Senhasegura also scans, identifies and imports all credentials into a security vault, eliminating unmanaged credentials and simplifying the process of removing credentials when an employee leaves a firm or is no longer authorized, said Scharra.

An identity management and discovery feature automatically maps and identifies all assets connected to the environment and their respective credentials, he explained. And a devops secrets-management component helps improve devops security by scanning and discovering sensitive information such as passwords, API keys and SSL certificates, and devops secrets. 

Imagine, for example, the scenario of a fired and unhappy employee who hasn’t had their privileged accesses removed, said Scharra. They could easily become an attack vector. 

“PAM increases visibility to cyber administrators and reduces operational complexity,” said Scharra. “It forms a strong wall of defense against attackers.” 

Still, it isn’t all about just tools; organizations must adopt a widespread cybersecurity culture, he said, calling this “a key safety precaution.”

“There is no point in investing in cutting-edge protective technologies if the users are not trained to follow basic security practices,” said Scharra. 

He said this includes publicly known practices such as avoiding opening emails from “dubious senders,” avoiding connecting corporate devices to public or unknown networks, and not sharing or repeating passwords. 

“The best security strategy combines education with technologies such as PAM to defend against attack,” he said. 

The São Paulo, Brazil-based Senhasegura —  whose customers include one of Brazil’s largest national defense contractors — will use the new infusion of funding to strengthen its presence in LATAM, North America and the Middle East. 

The company launched MySafe personal password vault in October, and it will continue expanding its platform in 2023, said Scharra. 

He noted that, between 2018 and 2021, the company experienced a 71% CAGR in bookings and 5.6 times growth in annual recurring revenue (ARR). It was also awarded the 2022 Frost and Sullivan Customer Value Leadership Award for Privileged Access Management (PAM) Industry Excellence in Best Practices. 

“Currently, our partners span 55-plus countries, and we have operations in the Americas, Europe and Asia,” said Scharra. “I look forward to further increasing our territorial coverage to reach and serve new customers.”

Originally appeared on: TheSpuzz