Privileged access management,or PAM, is a vital security strategy for reducing risk. PAM encompasses cybersecurity policies, processes and technologies for managing an organization’s IT infrastructure for defining and enabling control over elevated, or privileged, access and permissions for users, accounts, processes, devices and systems.
A fundamental capability within the umbrella of identity and access management, PAM provides fined-grained control, visibility, and auditability of credentials and privileges. PAM helps organizations minimize their attack surfaces, and mitigate damages caused by careless or malicious intent by insiders and external attacks from bad actors. A chief principal for PAM is the enforcement of least privilege, the restricting of access rights and permissions for users, accounts, applications, systems, mobile and IoT devices, and computing processes. The restrictions are the fixed minimum rights and permissions that are essential to perform normal and allowed activities.
In the context of IT, privilege has the authority within an account or process, and can have authorization that supersede or avoids specified security restraints. For example, permissions to shut down systems, load device drivers, configure networks and systems, provision and configure accounts and cloud instances. Privileged access and permissions can apply to operating systems, file systems, applications, databases, hypervisors, cloud management platforms, and more. The elevated rights that privileges enable for accessing and working on critical IT resources also brings considerable cybersecurity risk. Privilege assignments for users can be applied to their role within a certain business function like HR or Sales. Other attributes can include parameters like their seniority, the time of day, regional location, etc.
Privileged accounts include local administrative, domain administrative, emergency or firecall, service, Active Directory or domain service, and application accounts.
Privileged credentials, or privileged passwords provide elevated access and permissions across accounts, applications, and systems. Privileged passwords can include users, applications, service accounts, SSH keys, and within DevOps environments that are referred to as secrets.
Some of the most potentially damaging risks from privileges are:
Resource Guide :