Overview
Privileged Access Management (PAM) enables administrators to use fewer credentials to securely access and manage IT systems.
The customer struggled to mature its PAM platform, and administrators resisted the change.
The PAM vendor recommended Performanta to help accelerate this programme.
Our assessment discovered the client didn’t have a sufficient change management strategy.
Performanta used our tested change management processes and managed services to tailor an approach for greater adoption.
We accelerated the PAM adoption from under 10 percent to over 40 percent in less than eight weeks, removing almost all resistance from administrators.
The client has passed internal audits on their privileged account security.
Executive Summary
Privileged Access Management (PAM) effectively consolidates administrative access across complex enterprise technology estates. It is a core piece of zero-trust security that hardens organisations against persistent cyber threats, simplifying the lives of administrators who had to juggle dozens—even hundreds—of access credentials.
Yet adopting a PAM platform can lead to resistance, as this large regional telecoms client experienced. They onboarded a PAM platform to cover several different geographies and harden security. However, after months of effort, the adoption rate still languished at less than ten percent. Two aspects fought against the adoption: the company was rushing implementation rather than maturing the PAM, and there was significant resistance from administrators.
The PAM’s vendor recommended Performanta to help the client. We understand the solution and its deployment and have a strong change management track record. We initially assessed the PAM’s state and mapped it according to the client’s objectives, soon realising there was no clear change management plan to win over and guide administrators. Working with our client, we developed a practical change management roadmap and helped our client improve adoption.
Within 8 weeks, adoption grew from less than ten percent to over forty percent (and counting). Resistance from administrators fell away almost completely. Performanta also helped the client better integrate and configure the PAM platform. Soon enough, our client was clearing internal security audits and seeing real value from their PAM investment.
The Challenge
Our customer started an internal Privileged Access Management (PAM) programme as part of upgrading to zero-trust security. The goal was to consolidate critical administrator accounts, providing secure yet convenient access to key IT and security systems without increasing risks or threats. The PAM solution rolled out across several different geographic regions. Yet even after an extended period, adoption was disappointing at less than ten percent.
There was reluctance to adopt the platform. System administrators resisted the change, suspecting it would complicate their work; their respective IT knowledge and professional qualifications made it taxing to win them over. While the technology deployment was not a problem, our client couldn’t mature the PAM and failed to see the expected value.
The Solution
The PAM solution’s vendor recommended Performanta because we are highly skilled at deploying PAM platforms and ensuring effective change management. We analysed the progress and identified mistakes in the client’s approach. For example, they treated the deployment as a time-limited project and not an ongoing program; PAM solutions need to mature into their environments, and rushing them without sufficient change management leads to problems such as user resistance.
An initial assessment mapped the current PAM deployment to the client’s objectives. Performanta onboarded the client to our Managed Services, improving the PAM solution’s coverage. We developed a comprehensive roadmap and PAM framework, and our managed services team onboarded systems and users to improve the coverage.
The Results
Technology needs user buy-in, and this dynamic is particularly crucial for cybersecurity solutions. We leveraged Performanta’s established change management processes blended with a deep understanding of security solutions. We could take quick action for our client and start delivering results.
Within 8 weeks, our team had grown adoption from less than 10 percent to over 40 percent—a trend that kept growing upwards. With the guidance of a well-planned change management strategy, the adoption rate has increased with little to no resistance from administrators. Our client could finally start seeing the value of its PAM investment and has passed internal audits on their privileged account security.
Talk to our experts
About Performanta
Performanta was founded in 2010 and has over 150 staff worldwide, including former CIOs/CISOs from large enterprises. It has a global footprint with a team of 80 analysts working in two SOCs, helping to secure customers across 50 countries, from offices in the United Kingdom, Australia, Germany, South Africa and the USA. Performanta offers a consultative approach to people, process and technology, focusing on security projects in line with adversarial, accidental and environmental business risk. With a holistic cybersecurity view, we understand the modus operandi of the perpetrator and accordingly build an intelligent defence mechanism to make customer environments less susceptible to attacks.