Word of the Day: privileged access management

Word of the Day: Daily updates on the latest technology terms

Word of the Day Daily updates on the latest technology terms | November 21, 2019 process mining software Privileged access management (PAM) is the adminstration of accounts that have access to an organization's most critical information and resources. Privileged user accounts are significant targets for attack because they have elevated permissions and access to confidential information. If compromised, a large amount of damage could be made to organizational operations. In many organizations, system administrators are the only ones who are granted privileged access. PAM software aggregates credentials for privileged accounts into a secure repository to isolate their use and log their activity. The separation is intended to lower the risk of "admin" credentials being stolen or misused.   PAM software typically provides the following features: Multi-factor authentication (MFA) for administrators. An access manager that stores permissions and privileged user information. Audit logging tools for compliance. Session tracking once privileged access is granted. PAM vs identity management   PAM is often confused with identity and access management (IAM). While some overlap exists, PAM is only focused on accounts with privileged or administrative access, while identity management encompasses any user that requires access to a system. To ensure the highest level of security and usability, companies should look into implementing both privileged access and identity management. Identity management systems cover larger attack surfaces within the organization's network while PAM systems cover smaller, higher-valued attack surfaces. Quote of the Day "Investment in a privileged account security product that manages and monitors privileged users, sessions and applications will prevent the far greater costs of dealing with security incidents and data breaches resulting from privilege creep and misassigned -- or abused -- privileges." -  Michael Cobb Related Terms multi-factor authentication audit log identity and access management system attack surface principle of least privilege privilege creep privilege bracketing Learning Center How to address cloud IAM challenges Cloud services are major players in most companies now and can have a major impact on the management of access and identity governance. Learn how to handle cloud IAM challenges. Privileged access management and security in the enterprise Learn from Michael Cobb, founder of Cobweb Applications, how to keep user roles and privileges aligned and what checks and balances prevent privilege abuse and data breaches. Best practices to conduct a user access review User entitlement reviews ensure employees only have access to essential systems and unauthorized employees -- or miscreants -- don't. Learn how to conduct an audit of user privileges. How can privileged access accounts be managed in large companies? Network administrators typically resist policies for separate accounts when performing different tasks. Expert Michael Cobb explains the risk of privileged access. IAM-driven biometrics in security requires adjustments IAM is foundational to cybersecurity, but the latest systems use biometrics and other personal data. Learn how to cope with the resulting compliance and privacy issues. Quiz Yourself Test your privileged user management knowledge Test your proficiency in privileged user management. Take this quiz to determine your ability to keep privileged access secure across your organization. Stay in Touch For feedback about any of our definitions or to suggest a new definition, please contact us at: editor@whatIs.com FOLLOW US About This E-Newsletter The Word of the Day is published by TechTarget, Inc., 275 Grove Street, Newton, Massachusetts, 02466 US. Click to: Unsubscribe. You are receiving this email because you are a member of TechTarget. When you access content from this email, your information may be shared with the sponsors or future sponsors of that content and with our Partners, see up-to-date Partners List, as described in our Privacy Policy. For additional information, please contact: webmaster@techtarget.com. © 2019 TechTarget, Inc. all rights reserved. Designated trademarks, brands, logos, and service marks are the property of their respective owners. Privacy Policy | Partners List