12: What is PAM?
Takeaway Points:
PAM stands for privileged access management
The focus, as the name suggests, is on privileged accounts - which refers to things like administrators, root accounts, service accounts and non-standard end users
These accounts, if used maliciously, can cause significant disruption, degradation and destruction of key services, infrastructure and compute power
PAM aims to wrap these accounts with a set of functions to help improve security
PAM only impacts a subset of identities within the employee environment
PAM functions include the ability to restrict access to privileged functions to specific users - essentially the principle of least privilege - typically through an inventory of permissions and users, tying the two together “just in time” or through a related concept called “zero standing privilege” - which means privileged access is never tied to a user permanently
Another main function is being able to monitor and audit uses of privileged access - so this could include recording a session of command line activity and being able to map that to a real identity
When a user requests access to use a privileged account or function, the request will likely be wrapped by strong multi-factor authentication and perhaps device checks
Other features include credential rotation - so this could include changing the passwords of certain accounts after a user has finished using them
Requests for privileged access are typically mapped into well-designed workflows - which handle who can request access, under what conditions, and how those requests are approved and fulfilled
Use cases:
Allowing a real identity to “check out” an account or permissions that have administrative capabilities
Manage and monitor those requests with strong authentication, auditing, monitoring and approval
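To make the functions in the takeaway points and the two use cases concrete, here is an added toy privileged-access broker (example code written for this guide, not any vendor's PAM product). It models a checkout of an administrative account gated by eligibility, MFA and a separate approver, a time-limited grant (just in time), command-level session recording mapped back to the requesting identity, and rotation of the account's credential when the session is checked in, so the requester holds no standing privilege afterwards. All names, accounts and the `ManualClock` helper are constructed for the example.

```python
"""Toy PAM broker: zero standing privilege, JIT checkout, MFA and approval
gating, session audit and credential rotation. Constructed example only."""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
import secrets


class ManualClock:
    """Deterministic clock so expiry can be exercised without sleeping (hypothetical helper)."""

    def __init__(self, start=None):
        self.now_ = start or datetime(2024, 1, 1, tzinfo=timezone.utc)

    def __call__(self):
        return self.now_

    def advance(self, minutes):
        self.now_ += timedelta(minutes=minutes)


@dataclass
class PrivilegedAccount:
    name: str                 # e.g. a root or service account held in the vault
    secret: str               # current credential; rotated on every check-in
    eligible: set             # identities allowed to request this account (inventory)
    requires_approval: bool = True


@dataclass
class Grant:
    account: str
    identity: str             # the real person behind the privileged session
    secret: str               # credential handed out for this session only
    expires_at: datetime
    session_id: str
    active: bool = True


class PamBroker:
    def __init__(self, clock=None):
        self.accounts = {}
        self.grants = {}
        self.audit_log = []   # every decision and command, tied to a real identity
        self.clock = clock or (lambda: datetime.now(timezone.utc))

    def register(self, account):
        self.accounts[account.name] = account

    def _log(self, event, **fields):
        self.audit_log.append({"ts": self.clock().isoformat(), "event": event, **fields})

    def checkout(self, identity, account_name, mfa_verified, approver=None, ttl_minutes=30):
        """Request workflow: eligibility -> MFA -> independent approval -> time-boxed grant."""
        acct = self.accounts[account_name]
        reason = None
        if identity not in acct.eligible:
            reason = "not_eligible"
        elif not mfa_verified:
            reason = "mfa_required"
        elif acct.requires_approval and (approver is None or approver == identity):
            reason = "approval_required"      # no self-approval
        if reason:
            self._log("checkout_denied", identity=identity, account=account_name, reason=reason)
            raise PermissionError(reason)
        grant = Grant(account_name, identity, acct.secret,
                      self.clock() + timedelta(minutes=ttl_minutes), secrets.token_hex(8))
        self.grants[grant.session_id] = grant
        self._log("checkout", identity=identity, account=account_name,
                  approver=approver, session=grant.session_id, expires=grant.expires_at.isoformat())
        return grant

    def record_command(self, session_id, command):
        """Session monitoring: each command is recorded against the grant's identity."""
        grant = self.grants[session_id]
        if not grant.active or self.clock() >= grant.expires_at:
            grant.active = False
            self._log("command_rejected", session=session_id, identity=grant.identity, command=command)
            raise PermissionError("session expired or closed")
        self._log("command", session=session_id, identity=grant.identity,
                  account=grant.account, command=command)

    def checkin(self, session_id):
        """Close the session and rotate the credential so the handed-out secret is now useless."""
        grant = self.grants[session_id]
        grant.active = False
        self.accounts[grant.account].secret = secrets.token_urlsafe(24)
        self._log("checkin", session=session_id, identity=grant.identity,
                  account=grant.account, rotated=True)

    def standing_privilege(self, identity):
        """Accounts the identity can use right now; empty outside a live grant."""
        now = self.clock()
        return sorted({g.account for g in self.grants.values()
                       if g.identity == identity and g.active and now < g.expires_at})
```

The point the example makes: `standing_privilege("alice")` is empty before the checkout and empty again after the check-in, and the secret Alice was given during the session no longer matches the vault's, so privilege exists only for the approved window and every command in between is attributable to her rather than to the shared root account.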