Consists of the cybersecurity strategies and technologies for exerting control over the elevated (“privileged”) access and permissions for users, accounts, processes, and systems across an IT environment.
Privilege access management helps manage entitlements, not only of individual users but also shared accounts such as super users, administrative or service accounts. A PAM tool protects and manages all types of privileged accounts.
Mature PAM solutions go even further than simple password generation and access control to individual systems, and also provide a unified, robust, and—importantly—transparent platform integrated into an organization’s overall identity and access management (IAM) strategy.
Many recent high-profile breaches have one thing in common: They were accomplished through the compromise of privileged credentials. Industry analysts estimate that up to 80% of all security breaches involve the compromise of privileged accounts.
Virtually all organizations have some unknown or unmanaged privileged accounts, increasing their risk. Some may have thousands. This can happen for various reasons:
Privileged Access Management solutions vary in their architectures, but most offer the following components working in concert: