ThreatLocker this week added a privileged access management (PAM) tool to its portfolio of offerings that enable managed service providers (MSPs) to better lock down the application environments they support.
Available as a trial offering, the ThreatLocker Elevation Control makes it simpler to add and remove administrative rights without having to interrupt service, says ThreatLocker CEO Danny Jenkins. MSPs can also set durations for how long users are allowed access to specific applications.
The PAM tool is an extension of Application Control Suite, a cloud service ThreatLocker provides that enables MSPs to both whitelist applications as well as limit access to connected applications using a “ringfencing” capability that ThreatLocker uniquely enables, adds Jenkins.
The addition of the PAM tool comes at a time when in the wake of a series of high-profile breaches MSPs are under more pressure than ever to demonstrate they have implemented a zero-trust architecture.
At the same time, MSPs are also being asked to better secure applications as the employees of the organizations they support continue to work from home to help combat the spread of the COVID-19 pandemic. Even once a COVID-19 vaccine becomes widely distributed many of those employees for a variety of reasons will continue to work from home. Cybercriminals, meanwhile, have become especially adept at compromising the credential of end users that in many cases are using their own machine on insecure wireless networks to access applications.
MSPs are being held responsible for securing those environments even though most small to medium businesses (SMBs) have not put any controls for accessing applications, notes Jenkins. In many cases, the end customer just assumes the application environment is secure.
“There’s too much faith in vendors,” says Jenkins.
Rather than having to build the capabilities required to secure application environments themselves, the ThreatLocker approach enables MSPs to employ a cloud service that is already available. It may not be clear to what degree end customers will pay extra for PAM capabilities but many MSPs may rest easier knowing they have the capability turned on.