In our last post, we explained the difference between privileged identity management (PIM) and privileged access management (PAM). PIM involves the identification of administrative accounts, which already exist on systems, and the association of individual users with those accounts. PAM secures privileged credentials and ensures they are used in accordance with established policy. We also defined the term “privileged,” which means that the holder of the credentials (human or machine) has the ability to take administrator-level action on a system.
Clango’s team of consultants and engineers can help identify gaps in your PIM policies and processes and prioritize your threat mitigation activities. When you’re ready to implement PAM, we can help you deploy CyberArk’s Core Privileged Access Security solution, including the Enterprise Password Vault, Privileged Session Manager, and Privileged Threat Analytics. We can also help you take advantage of Application Identity Manager to eliminate embedded credentials in software.
To lay the groundwork, let’s define the seven types of privileged accounts that are present in most environments:
Few organizations are aware of all the privileged accounts across their environment, so a critical first step in developing a PIM strategy is to identify them. A great way to do that is to run a CyberArk Discovery & Audit (DNA) scan. CyberArk DNA locates privileged credentials and provides executive and technical reports on potential risks.
The organizations we work with are often surprised at the number and variety of privileged accounts in their on-premises, DevOps, and cloud environments. Don’t be caught off guard. Let us help you secure these accounts and reduce the risk of a potentially devastating security breach.
For more information about PIM and CyberArk Discovery & Audit (DNA), please send us an email at (firstname.lastname@example.org).