Privileged Access Management (PAM) refers to monitoring and securing administrative accounts. These accounts are considered the most privileged of all user accounts in an organization. 

When PAM-accounts are used in the wrong way, either intentionally or accidentally, the organization can suffer serious damage. Hence, it’s critically important to set-up a solid PAM strategy in order to properly monitor and secure these accounts. A typical component of a PAM strategy – which also clearly illustrates its importance – is that all activities that administrators perform within their accounts are recorded using screen capture videos.

Why PAM shouldn’t be called PAM

As PAM stands for ‘Privileged Access Management’, it makes sense to assume this addresses all privileged accounts in an organization. However, PAM doesn’t do that. In fact, PAM only addresses administrator accounts, a limited part of the total number of privileged accounts in an organization. And that is exactly why PAM shouldn’t be called PAM, but rather something like AAM (Administrator Access Management).

PAM shouldn’t be called PAM, but rather something like AAM (Administrator Access Management).

But whatever the name we use for it, it’s important to note that PAM leaves a number of privileged accounts untouched. Consequently, another solution is needed to take care of this. Before we go there, let’s take a look at the origin and nature of privileged accounts first…

Privileged accounts: a closer look

Apart from administrator accounts, many other accounts – the actual number depends on the size of your organization and the way access rights are handled – can and should be considered as privileged. In fact, every single access right that is offered to a user can be seen as a privilege. So, the question is: how many – and which – access privileges are needed before a user should be considered a privileged user?

A typical example is a staff member who is working for the organization for many years. As he advances through several positions, he is granted new access rights for each new position. However, the access rights required for his previous functions are – due to negligence, in most cases – never withdrawn. This way, the staff member will gradually collect a large number of privileges.

Why PAM is not enough

We made clear that PAM – even if it’s perfectly setup and executed – does not suffice to protect your organization from the risks associated with privileged users. So, what you really need is an encompassing identity intelligence solution, which monitors and secures the accounts of all users in the company.

Elimity’s Insights tool allows you to do this and much more in a matter of minutes. Insights brings you all of the possibilities of a traditional PAM solution, along with lots of additional features, allowing you to take control of the status of all access rights in your organization.

Author

I'm in charge of the content marketing