Privileged Access Management (PAM) put into Context – Access Governance Strategy or just Tactics?
Panel: Privileged Identities – Identify, Delegate, Enforce, Audit
High-profile data breaches emphasize the need to maintain and safeguard privileged accounts, but oftentimes, nothing is done to effectively limit exposure of highly sensitive data. There are four key processes that can help organizations regain control of privileged accounts in a cost-effective manner. Identifying, delegating, enforcing and auditing (I.D.E.A.) can improve security and operational efficiency, take control of privileged accounts and close security gaps within the infrastructure.
Specifically, the session will take a closer look at:
- The steps to identify and document all critical IT assets, their privileged accounts and interdependencies;
- How to delegate access so that appropriate personnel, using least privilege required, with documented purpose, can login to IT assets in a timely manner at designated times;
- The process of enforcing rules for password complexity, diversity and change frequency, while minimizing service disruption;
- Why you should audit and alert that so the requester, purpose, and duration of each privileged access request is documented and management is made aware of unusual events.