PIM -Privileged Identity Management

With PIM (Privileged Identity Management) products, privileged identities can be managed efficiently and controlled comprehensively.

There are many challenges related to the use of privileged identities: they must be available when needed and their use must be traceable. Privileged identities may not fall into wrong hands either. 
 
General problems related to privileged identities can be solved efficiently using PIM (Privileged Identity Management) products. With the system, all desired privileged identities and target systems are controlled efficiently through a single system. This ensures that the privileged identities can be accessed quickly and in a controlled manner through workflows determined for the end users.
 
PIM products are used to manage existing identities and control the access of several users to them. End users can apply for identities and passwords via the browser user interface. The ID password can also be changed automatically after use, for example, so users do not have unwarranted access to the systems. This ensures that the identities are used by the correct persons and only at the time when they need to be used. 
 
Identities to be managed may include:
  • Operating system level admin and root IDs
  • Database, application and service IDs
  • Equipment IDs, such as telecommunication equipment privileged identities
  • Social media IDs, such as the management of corporate IDs for a shared Twitter account or blog, or publication system maintenance IDs
 
PIM solves general problems related to privileged identities:
  • Based on a server-specific policy, target system IDs are available to end users directly from the Privileged Identity Management system based on a server-specific policy. Strong identification can also be linked to the system’s user interface as a requirement. 
  • Privileged Identity Management allows the complete traceability of the privileged identities. Traceability is a requirement in many standards, such as PCI DSS. In cases with higher data security requirements, it is possible to record all server sessions so that the actions performed on the server can be checked afterwards.
  • Passwords for the target system IDs can be determined to change after each session, for instance. Password policies can be determined according to server type or even according to ID.
  • When integrated with a separate SIEM system, a comprehensive picture can be obtained about privileged identities in the SIEM system. Integration is also possible the other way around: the server’s password can be determined to change in the case of a specific SIEM alarm.
 
We help our customers in: 
  • Preliminary investigation projects and product selection
  • Deployment and integrations
  • Continuous development and maintenance

 

Integration
Comprehensive integrations help make versatile automations for ID management. The PAM system can be integrated with an existing SIEM system, for instance, so that privileged identity passwords can be changed automatically if target servers are attacked. 
 
Compliance
In addition, different types of compliance requirements can be met with the PAM system, such as the requirements of the PCI DSS standard employed in the payment card sector.
 

Digital Identity

With Identity and Access Management (IAM) companies can streamline and secure their business, both internally, and externally.
Read more

Identity management (IdM)

The adoption of a functional IdM solution results in well-organised, secure and economical access management.
Read more

Digital Business

All businesses are digital
Read more