Okay, here’s a draft article tailored for a news website like Ars Technica, based on the provided text. I’ve aimed for a tone that’s informative,slightly technical,and focused on the “why this matters” aspect for a tech-savvy audience. I’ve also expanded on some points to make it a more complete piece.

Healthcare IT Needs a PAM & IAM Overhaul: Legacy Systems Are the Weakest Link

Healthcare organizations are prime targets for cyberattacks, and a significant portion of breaches stem from compromised credentials. While Identity and Access Management (IAM) systems have evolved, many healthcare IT infrastructures are burdened with legacy systems that create critical security gaps.A robust Privileged Access management (PAM) strategy, coupled with modern IAM practices, is no longer optional – its essential. Here’s a look at key areas where healthcare IT teams need to focus their efforts.The Problem: A Patchwork of Old and New

healthcare IT is notoriously complex. It’s a mix of cutting-edge medical devices,electronic health record (EHR) systems,and older,often unsupported applications. This creates a fragmented security landscape. Traditional IAM solutions struggle to effectively manage access to these diverse environments, especially when it comes to administrative privileges. Attackers know this, and frequently target these weaker links.

1. Modernize Privileged Access – and Don’t Rely on secrets

The days of shared admin accounts and easily-guessed passwords are over. Modern PAM solutions offer significant improvements. Key advancements include:

Credential Injection: Instead of displaying or storing credentials, PAM systems dynamically “inject” them when needed during an interactive session. this prevents credentials from being exposed to users or residing in scripts.
Just-in-Time (JIT) Access: JIT accounts are created or enabled only when an administrator needs them for a specific task, and automatically disabled afterward. This drastically reduces the window of opportunity for attackers to exploit standing privileges.
Legacy System Review: Healthcare IT departments must audit all legacy systems and applications to determine if they can be brought under the umbrella of modern PAM solutions. If not, compensating controls are critical (see point 3).

2. Bridge the Gap with Protocol Translators

Many healthcare systems still rely on older authentication protocols like LDAP, RADIUS, and TACACS. These don’t always play nicely with modern, web-based IAM tools. Protocol translators act as intermediaries, allowing these legacy systems to integrate with a centralized IAM framework.

this is particularly critically important for securing administrative access. Bringing these “silos” of technology into IAM, even with a bridging layer, substantially reduces the attack surface. The move towards a Zero Trust security model hinges on this integration.SAML (Security Assertion Markup Language) is also a key protocol to leverage for interoperability.

3. PAM Isn’t Perfect: Policy for the Unreachable

No PAM solution will achieve 100% coverage. There will always be systems that are difficult or unachievable to fully integrate.this is where a well-defined PAM policy for out-of-band systems is crucial. This policy should outline:

Compensating Controls: What additional security measures are in place to protect these systems? (e.g., network segmentation, multi-factor authentication where possible).
Password Change Requirements: Strict password policies and regular rotation.
Logging and Monitoring: Detailed logging of all access attempts, with robust monitoring for suspicious activity. Network Segmentation: Isolating these systems from the broader network to limit the blast radius of a potential breach.

4. logs, Audits, and the Power of AI

Security Data and Event Management (SIEM) systems are vital for detecting anomalies and potential breaches. They should be configured to actively monitor IAM blind spots – comparing actual access events with IAM/PAM logs to identify any unauthorized activity.

This is also a prime opportunity to leverage Artificial Intelligence (AI). AI-powered anomaly detection can automatically flag unusual access patterns, and automated auditing can streamline the review process. Healthcare IT teams should explore these capabilities to enhance their security posture.

The Bottom Line

Healthcare organizations face a unique and escalating threat landscape. A proactive, layered approach to IAM and PAM is no longer a best practice – it’s a necessity. addressing legacy systems, bridging protocol gaps, and implementing robust policies are critical steps towards protecting sensitive patient data and ensuring the integrity of healthcare operations. Ignoring these challenges is a risk that healthcare providers simply cannot afford to take.

Key changes and considerations for Ars Technica:

More context: I added introductory paragraphs to explain the broader context of the problem.
Technical Depth: I expanded on the explanations of technologies like SAML, LDAP, and SIEM.
“Why it Matters” Focus: I emphasized the consequences of inaction and the importance of these changes.
Stronger Headline: A more direct and attention-grabbing headline.
Removed Links: I removed the links as they are not typical for an article on Ars Technica.

What are the key differences between standing administrative privileges and Just-In-Time (JIT) access, and how does adopting JIT access contribute to a Zero Trust security model?

Securing Administrative Access: A Zero Trust Approach for All Accounts

The Shifting Landscape of Administrative Access Control

Customary perimeter-based security models are increasingly ineffective.The rise of remote work,cloud adoption,and complex cyber threats demands a more robust approach to protecting privileged access. This is where Zero Trust comes in. No longer can we assume that everything inside the network is safe. Every user, device, and request – even those wiht administrative privileges – must be continuously verified. This article details how to implement a Zero Trust framework specifically for securing administrative access, covering key strategies, technologies, and best practices. We’ll focus on least privilege access, multi-factor authentication (MFA), and continuous monitoring.

Understanding the Risks of Traditional admin Access

Historically,administrative accounts have been a prime target for attackers. Why? Because a compromised admin account grants access to everything. Common vulnerabilities include:

Shared Accounts: Multiple individuals using the same admin credentials.

Weak Passwords: Easily guessable or reused passwords.

Lack of MFA: Relying solely on passwords for authentication.

Standing Privileges: Admin rights granted continuously, even when not needed.

Insufficient Monitoring: Limited visibility into admin account activity.

These weaknesses create notable risks, including data breaches, ransomware attacks, and system compromise. A proactive shift towards Zero Trust is essential to mitigate these threats. Consider the SolarWinds supply chain attack as a stark example of the damage that can be inflicted through compromised administrative credentials.

Core Principles of Zero Trust for Administrative Accounts

Zero Trust isn’t a single product; it’s a security beliefs built on several core principles:

Never Trust,Always Verify: Every access request,irrespective of origin,must be authenticated and authorized.

Assume Breach: Operate under the assumption that attackers are already present within the network.

Least Privilege Access: Grant users only the minimum level of access necessary to perform their job functions. This is crucial for privileged access management (PAM).

microsegmentation: Divide the network into smaller, isolated segments to limit the blast radius of a potential breach.

Continuous Monitoring & Validation: Constantly monitor user activity, device posture, and application behavior for anomalies.

implementing a Zero Trust Architecture for Admin Access

Here’s a step-by-step guide to implementing a Zero Trust approach for administrative accounts:

1. Inventory & Classification: Identify all administrative accounts and categorize them based on the level of access thay possess. Document the purpose of each account.
2. Implement Multi-Factor Authentication (MFA): Enforce MFA for all administrative accounts, without exception. Consider using a variety of MFA methods, such as hardware tokens, biometrics, and push notifications. Adaptive MFA adjusts security requirements based on risk signals.
3. Privileged Access Management (PAM) Solutions: Deploy a PAM solution to manage and control access to privileged accounts. PAM features include:

vaulting: Securely storing and rotating administrative credentials.

session Recording: Auditing all administrative sessions.

Just-In-Time (JIT) Access: Granting temporary administrative privileges only when needed.

Workflow Automation: Automating the process of requesting and approving administrative access.

1. Least Privilege Enforcement: Revoke standing administrative privileges.Utilize JIT access and role-based access control (RBAC) to grant access only when and for provided that it’s required.
2. Device Posture Assessment: verify the security posture of devices before granting administrative access. This includes checking for up-to-date operating systems, antivirus software, and endpoint detection and response (EDR) agents.
3. Network Microsegmentation: Isolate administrative networks from other parts of the network to limit the impact of a potential breach.
4. Continuous Monitoring & Analytics: Implement security facts and event management (SIEM) and user and entity behavior analytics (UEBA) tools to monitor administrative account activity for suspicious behavior.Establish clear alerting thresholds and incident response procedures.

Technologies Supporting Zero Trust Admin Access

Several technologies can help you implement a Zero Trust architecture for administrative access: