Privileged Identity Management (PIM)
Privileged identity management (PIM) is the monitoring and protection of superuser accounts in an organization’s IT environments. Oversight is required to ensure that the enhanced access capabilities of super control accounts are not misused or abused. Unmanaged super user accounts can result in the loss or theft of important corporate information, as well as malware that compromises the network. Super user accounts, such as those for database administrators (DBAs), CIOs, and CEOs, have historically been relatively lightly managed. Identity management software frequently leaves super user accounts completely unmanaged while granting advanced access to the business network. Furthermore, the owners of those accounts frequently lack professional experience in handling them.
To implement privileged identity management:
1. Create a policy that specifies how super user accounts will be managed and what the account holders should and should not be able to do.
2. Develop a management model that identifies a responsible party to ensure that the above policies are followed.
3. Inventory privileged accounts to assess the size of the population and to identify them.
4. Establish tools and processes for management, such as provisioning tools or specialized PIM products.
Dedicated to stopping attacks before they stop business, CyberArk proactively secures against cyber threats before attacks can escalate and do irreparable damage. CyberArk’s Privileged Access Security Solution, you can meet your compliance requirements and reduce your security risk without introducing additional operational complexity.
FOR SECURITY :
Reduce your privileged access security risk with the industry’s most comprehensive Privileged Access Security Solution, across your on-premises infrastructure and cloud.
FOR OPERATIONS :
Leverage a flexible architecture that can scale to the most demanding enterprise deployments and integrate seamlessly with your existing security, operations, and DevOps tools.
FOR Audit :
Enforce role-based access controls, require users to “check out” credentials, and generate full and detailed reporting and audit trails to demonstrate compliance.