Effective cybersecurity is not simple or easy—but in many ways it’s also not as complex as some make it seem. There is a seemingly endless array of tools you can implement and processes you can adopt, but when push comes to shove there are really only a handful of best practices and principles that will help you successfully avoid or defend against the majority of threats. One of those handful of things is effective management of privileged accounts, which explains why Remediant recently secured $15 million in Series A funding.
“Historically, PAM solutions have let the industry down. As former practitioners and consumers of legacy PAM approaches, we understand the crucial role privilege access plays in securing an organization – it’s not simply a matter of who should have a certain level of access, but at what point in time and for how long,” said Tim Keeler, CEO and co-founder of Remediant in a press release announcing the funding. “We’re grateful to have the support of Dell Technologies Capital and ForgePoint Capital to help us execute on our mission to change the PAM landscape, as we offer a new way to protect organizations from data theft via stolen credentials.”
Managing Privileged Access
Privileged access management (PAM) is a crucial element of effective cybersecurity. Privileged access refers to things like Admin or Root access or granting elevated access to user accounts to enable them to have deeper control of a system or application. Accounts with privileged access are a “Holy Grail” for attackers, because compromising such an account allows the attacker to access the system and execute malicious code with that same privileged access. A recent report claims that 95% of breaches could have been prevented, and that many attacks rely on abusing or exploiting privileged access.
A recent study—commissioned by Remediant—highlights some of the issues and challenges of PAM, though. Many of the survey participants confuse basic identity and access management or password locker utilities with dedicated privileged access management solutions. What seems more concerning, though, is that many respondents with dedicated PAM solutions feel that they reduce productivity and nearly 40% believe their PAM solution will only prevent some inappropriate use of privileged access—if it prevents it at all.
The Remediant Value Proposition
Remediant is trying to disrupt the privileged access management market and change things—both the reality and the perception. The company has existed up until now as a completely bootstrapped entity, but the founders felt that the time had come to take on investors in order to expand their workforce and scale the company up to meet growing demand.
Paul Lanzi, co-founder and Chief Operating Officer for Remediant, explained to me that they are very proud of how far they’ve come as a bootstrapped company, but they had come to a point where the lack of investment constrained their growth trajectory. “The bad guys don’t have to deal with those constraints,” stressed Lanzi.
I had an opportunity to speak with one of the investors as well. Deepak Jeevankumar from Dell Technologies Capital told me that the goal of Dell Technologies Capital is to seek out companies that can create new categories or fundamentally transform an existing category. They look at the team in place and how they have fared thus far in the space. More importantly, they consider whether the space is right for disruption, and whether the team brings the right skills and perspective to make it happen.
Deepak told me that one of the things that most attracted him and Dell Technologies Capital to Remediant is the fact that the founders were originally on the other side of the fence. They are former practitioners with an end user perspective. Deepak appreciates the operational empathy they bring to the table and believes it helps them understand how to build this solution in a way that works for customers.
Just-in-Time Privileged Access Management
Remediant has a unique approach to the problem of managing privileged access. Rather than granting or revoking privileged access the old-fashioned way, Remediant strives to both automate and limit privileged access by providing just-in-time access that automatically expires. It simplifies the process of allowing privileged access for those who need it, and—more importantly—streamlines the process of removing privileged access when it is no longer needed so there aren’t unnecessary elevated privileges out there waiting to be compromised or exploited.
After signing Lockheed Martin as their first customer in 2017, Remediant quintupled revenue in 2018. With the success of this Series A funding round and the infusion of $15 million in capital, Remediant is poised to expand dramatically and potentially disrupt the PAM industry.