I would like to share the knowledge that I gain during my training lately about the Privileged Access Management(PAM) which I can share with you guys.
What is Privileged Access Management(PAM)?
For those are not familiar with PAM, it normally been consists of things such as CyberSecurity Strategies and Technologies where it will exerting control on the access and permission that been given to authorised users, accounts and systems all over IT Environment.
In the organization’s environment, PAM will need to implement in order to condense the environment’s attack surface and prevent from the attack been damage to the system or try to mitigate the risk from been higher
On Privileged Access Management, there are two types of user accounts such as Standard User Accounts and Guest User Accounts
What are those?
- Standard User Accounts is an account that normally have a limited set of privileges like MS Office where it also been limited to accessing an array of resources.
- Guest User Accounts is an account that normally have fewer privileges than Standard User Accounts.
Best Practice for PAM
An Organization will have to follow the PAM’s Best Practice such as follows:
- The policy that related to Privilege Management will need to establish and also enforce a comprehensive practice which will address the issues such as inventory and classification of accounts that need privileged identities.
- An organization will need to verify and identify where it will also need to highlight on all privileged accounts and credentials that resides within local accounts, application/service/database accounts.
- An organization will need to enforce the separation between access and duties where the IT team will need to separate the access according to account functions than any standards account requirement.