What is wrong with PAM 1.0?
Legacy solutions for privileged access management were optimized for a traditional IT-centric, perimeter-based operational model that has been superseded by cloud computing. PAM 1.0 is characterized by:
- Heavy reliance on information security teams for implementation and maintenance.
- Predominantly closed-source, proprietary solutions without the oversight of the open source security community.
- Perimeter-based approach to security instead of adhering to Zero Trust principles, where networks no longer matter and cloud environments, remote workers, and edge servers are all first-class citizens.
- Hostile user experience, particularly for developers, leading to reduced workforce flexibility and lower productivity.
- Inability to take advantage of cloud-native technologies to operate at scale.
What is PAM 2.0?
The next generation of PAM solutions must address the deficiencies of the legacy implementations above. Teleport does this by providing secure access for developers without getting in the way of their productivity. Teleport is different from legacy PAM solutions in the following ways:
- Open source and developer-friendly, offering high-quality user experience and APIs for customization.
- Designed and built with a focus on cloud and edge computing.
- Developers working from home or in coworking locations are first-class citizens.
Secure your infrastructure & meet compliance requirements
Ensure that you are using industry best practices out of the box.
- Isolate critical infrastructure and enforce 2FA when using SSH and Kubernetes.
- Provide role-based access controls (RBAC) using short-lived certificates and your existing identity management service.
- Log events and record session activity for full auditability.
Complete visibility into access & behavior
See what's happening and who's responsible.
- Convert logins, executed commands, deployments and other events into structured audit logs.
- Monitor, share and join interactive sessions in real time from the CLI or browser.
- Audit events and session recordings are securely stored in a vault to prevent tampering.
One gateway for all of your clouds, on-premises, edge and IoT devices
Eliminate the differences between accessing cloud, remote, restricted and regulated environments.
- Implement security and compliance for SSH and Kubernetes across all of your public cloud environments, and across all providers.
- Securely access environments located in public clouds and on-prem environments of other organizations, including your customers' environments.
- Access IoT and edge devices, and even self-driving trucks, the same way as any other server or VM in any of your public clouds.