Privilege Accounts or PAM, Privilege and Access Management is a control system that enables a company to secure and control access to administrator accounts and define their parameters.
The privilege management system enables you to set up reinforced authentication strategies by application and user type.
A PAM system is part of a more global identity and access management process. It cannot be an end in itself, if the company does not have an IAM policy in place.
There's no point in controlling administrator accounts in particular if they haven't been properly listed beforehand, and if the rest of your staff have no control over their access.
What's the point of setting up a PAM system at your company?
The vast majority of cyber-attacks target privileged accounts, as these have high levels of access that enable them to penetrate deep into the information system.
Here are the advantages of a PAM system:
- Secure your network, block unauthorized users.
- Fine-tuned access allocation, only to those who need it with the right level of rights.
- An adaptable system, each company sets its own rules and everything can be readjusted.
- Monitor connection activity.
- Audit facilitator.
- Centralize information, so everything is in one place, enabling better vision and faster decision-making.
- Review access on a regular basis, as users change jobs or leave the company, and their rights need to evolve or be revoked.
Privilege and Access Management integrates several elements:
- an access manager: to determine whether a given user is authorized to access a given application, and with what rights.
- a password manager: users store their passwords securely, but do not have direct access to unencrypted passwords to different applications.
- a session manager: records all privileged account activity for the purposes of malware monitoring or auditing.
