wonderfully unique software solutions

Thycotic moves up Privileged Access Management ranks for Gartner

Channel-only security specialist Thycotic has risen up the ranks in Gartner’s Magic Quadrant for the expanding Privileged Access Management (PAM) market.

Simon Azzopardi, senior vice president for EMEA and APAC at Thycotic, told Weirdware.com that Gartner expects half of target organisations to implement a just-in-time PAM model by 2024 — with channel partners focusing on firms that turn over at least $100m a year in pole position to benefit.

“It’s companies that are really above $100m in annual revenue that are spending money on real PAM,” Azzopardi said. “Again, in the [Gartner] report it says if they do implement just-in-time PAM, companies will experience 80% fewer breaches than other companies. And this is really key, because it’s one of the easiest ways to reduce the attack surface.”

The PAM opportunity is exploding because customers now know they need PAM to reduce the attacks or at least mitigate the attacks that are being carried out, and they are turning to partners and asking for recommendations. And they can certainly come to Thycotic for help, Azzopardi added.

“We’re 100% channel. Channel is always at the forefront of everything we do, even from a marketing perspective whenever our marketing team creates any sort of campaign. They’re not just standard campaigns, they’re channel campaigns, so they allow our partners to go and create customised versions within their customer base,” he said.

Anna Michniewska, senior marketing director for international business at Thycotic, noted that channel partners often have very small marketing departments. As a result, Thycotic tries to “act like a little bit of a marketing agency” for partners, going beyond the partner portal and referrals to work more closely with resellers.

“We’ve created a campaign flow for partners and recommend what is the best thing for them to do to generate higher sales. Nobody wants to talk about the pandemic any more, but we moved really fast back at the beginning of the whole situation in March and had a few days of webinars, almost online courses, delivering alternative methods of generating pipeline.

“And most of the pipeline for our partners is coming from physical events, and social selling events. We have lots of experience in generating pipeline from digital activities and we want to share this with our channel partners,” Michniewska said.

Key to Thycotic’s success so far, as you’d expect, is innovation.

“By innovation and listening to what’s really keeping our customers up at night, and how we can focus on least privilege and then releasing it down to the customer side, we have released multiple new solutions over the last six to eight months that have enabled us to be innovation leaders,” Azzopardi said.

Last year Thycotic launched a product called Account Lifecycle Manager which targets the challenge of people creating privileged accounts that can be used or misused at will, and that linger on without an expiration date or similar once they’re created. In larger organisations, managing privileged accounts has become a huge problem that is not entirely fixed by every identity access solution.

“What this tool does is it introduces a governance process around all privileged accounts, including a specific focus on service accounts,” Azzopardi said. “It can stop all privileged accounts being created outside of this tool, all the privileged accounts have to be created within this tool which allows them to control a full lifecycle for these accounts.

“Not only are they controlling the accounts they had in the first place, but also the creation of new ones. It’s a simple concept and you’d wonder why no one has thought about that, but it was something that was absolutely first to market.”

Another key innovation is the ability to deploy a high-speed vault, more suitable for devops and development environments. The DevOps Secrets Vault facilitates security and password management not only at account level but at a high-velocity machine level.

“For devops, one of the things that makes them successful, their foundation, is their ability to spin up and down various environments fast, do some testing, and then put them away. But because they’re developers, they usually need full access. And full access means security risk, right?” Azzopardi said. “Traditional vaults cannot handle that sort of speed.”

Recent Articles

How remote connectivity can empower education – with RealVNC

Simplified classroom management, effective communication, and cost-effectiveness are desirable in education institutions from schools to universities, with digital solutions for distributed learning...

ShareGate answers questions on Copilot and M365 sprawl

Microsoft 365 (M365) with Copilot broadens and deepens capabilities that can enhance productivity in multiple ways but can also increase sprawl and...

Steel company deployed CoreView to head off potential delays post-acquisition

When integrating M&A driven expansion, Italian steel processing firm Marcegaglia implemented CoreView to minimise potential account migration problems from confusion to data...

Delinea meets ransomware comeback with acquisitions, further innovation

Cybercriminals appear to have doubled down on ransomware attacks again in the year, with a stealthier approach evident as well as a...

SCORM compliance and why it matters for e-learning

Learning management systems (LMS) and e-training content that comply with the Shareable Content Object Reference Model (SCORM) help ensure consistency across corporate...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox