Strengthen Security & Efficiency: Dynamic Privileged Access

Hybrid work is here to stay, and maintaining business productivity requires that employees have secure remote access to critical projects and information. Large enterprises delivering IT or consulting services via customer projects require the following capabilities to ensure secure remote access to the customer apps and data:

• Network segmentation that can connect and manage access to customer networks
• Privileges and permissions that dynamically change as users work on different projects
• Administrative controls that enable admins to change project access seamlessly
• Scalability to meet the needs of an ever-growing business

Traditionally, these organizations have used VPN solutions to facilitate connectivity to the customer networks, but these solutions are falling short.

First, traditional VPNs lack the principle of Zero Trust and do not offer microsegmentation or visibility into user behavior, including things like what projects the user can access, how long the project was accessed, or abnormal behaviors.

Secondly, VPN solutions are difficult to scale and require significant and unsustainable manual work to accommodate many remote workers. As a result, large enterprises with complex global deployments have difficulty troubleshooting issues, leading to downtime and inefficiencies.

To combat these challenges, Palo Alto Networks is pleased to announce Dynamic Privileged Access for Prisma Access, which will pave the path for these enterprises to mitigate security risks and maximize productivity.

How Dynamic Privileged Access for Prisma Access Works

Figure 1: Dynamic Privileged Access for Prisma Access solution overview.

Look at the diagram above and see how Dynamic Privileged Access for Prisma Access works.

In this example, a consulting organization provides secure connectivity to two customers through a single Prisma Access tenant. Through Dynamic Privileged Access for Prisma Access, the consulting organization can allocate a user group to work on projects for customer 1 and a separate user group for projects for customer 2.

The user can also switch projects by controlling the network attributes of the endpoint (for example, things like IP address and DNS settings) on a per-project basis. Dynamic Privileged Access for Prisma Access also provides conditional restrictive access, where administrators can create policies that consider the user's identity and project selection.

The Benefits of Dynamic Privileged Access for Prisma Access

With Dynamic Privileged Access in Prisma Access, enterprises can take advantage of several key benefits:

User and Network Segmentation with a Zero Trust Approach

Dynamic Privileged Access for Prisma Access enables granular segmentation of users and networks, facilitating secure access to resources while strictly adhering to Zero Trust principles. This ensures that users only have access to the resources relevant to their projects, mitigating the risk of unauthorized access.

Administrative Controls

Dynamic Privileged Access for Prisma Access enables administrators to assign projects to individuals based on their country or geographic area, enabling seamless, secure connectivity.

Cloud Scalability

A cloud-based infrastructure enables enterprises to eliminate the constraints imposed by on-premises hardware. It allows for seamless expansion to meet the growing demands of the business without compromising performance or security.

Operational Efficiency

By leveraging AI-powered ADEM’s holistic observability and built-in AIOps with Dynamic Privileged Access for Prisma Access, enterprises can gain more visibility into user activity—including details like user project consumption and behavior—enabling quick troubleshooting and insight gathering.

Dynamic Privileged Access for Prisma Access Can Help Consultancies

Dynamic Privileged Access for Prisma Access enables enterprises that offer IT-enabled or consulting services to prioritize security, scalability, and operational efficiency by future-proofing their infrastructure and allowing them to navigate the complexities of the digital landscape confidently.

Find out more about Dynamic Privileged Access for Prisma Access at InterSECt 2024, our virtual event now available on-demand.