Wednesday, December 19, 2018

What is Privileged Access Management?

A privileged user/account is a user/account who holds the "key to the kingdom" i.e. the user/account has administrative access to the systems. They can carry out system wide configuration changes, lock/unlock other users, define and enforce system policies, install software, apply patches, access sensitive information etc. For instance, the individual who can set up and delete email accounts on a Microsoft Exchange Server is a privileged user.

“Privileged Account Management(PAM)” or “Privileged Session Management(PSM)” are generally interchangeable.

As is clear from the description of a privileged account, this access needs to be controlled, monitored and audited. Most cyber attacks target these privilege accounts to gain access to resources in any organization. PAM keeps your organization safe from accidental or deliberate misuse of privileged access. Most organizations have 3 times as many privileged users as employees.

PAM allows you the following high level capabilities:

  • Grant privileges to users only for systems on which they are authorized.
  • Grant access only when it’s needed and revoke access when the need expires.
  • Avoid the need for privileged users to have or need local/direct system passwords.
  • Centrally and quickly manage access over a disparate set of heterogeneous systems.
  • Create an unalterable audit trail for any privileged operation.

Thursday, December 13, 2018

What is Access control

Access control is the selective restriction of access to a place or other resource. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization.