
WHAT IS PRIVILEGED ACCESS MANAGEMENT AND WHY IS IT IMPORTANT?
About This Control
Summary: Privileged Access Management (PAM) is a cybersecurity practice that manages, monitors, and secures access to systems and data by accounts with elevated permissions.
Purpose: PAM tightly controls, secures, and monitors the use of privileged accounts to better protect an organization’s most critical systems and data. It reduces the risk of breaches, misuse, and insider threats by ensuring elevated access is used only when necessary and approved, in a controlled and auditable way.
Implementation Guidance: The dashboard can be configured with the privilege types to monitor, so it can report on privileges other than administrator access when required.
Why It Matters
Attackers frequently target privileged accounts. PAM limits misuse of these accounts by enforcing least privilege and securing access to privileged credentials.
PAM ensures elevated access is granted only when needed and that actions taken by users with privileged access are monitored and auditable.
PAM helps meet regulatory and compliance framework requirements.
Risks Addressed
PAM mitigates the risk of attackers or unauthorized users gaining control of highly privileged accounts.
It addresses the risk of users having excessive access, whether by accident or intentionally.
PAM reduces the risk of not being able to track actions taken by a privileged account back to an accountable individual.
CONTROLS THIS DASHBOARD REPORTS ON
Frameworks (This dashboard intersects with these controls as they apply to privileged access management, and as the controls are implemented by the organization.)
NIST CSF v2.0:
Subcategory PR.AA-03: Users, services, and hardware are authenticated
PCI-DSS v4.0.1:
7.2.2 Access is assigned to users, including privileged users, based on:
  - Job classification and function.
  - Least privileges necessary to perform job responsibilities.
CIS CSC v8.1:
5.4 Restrict Administrator Privileges to Dedicated Administrator Accounts
PRIMARY KEY PERFORMANCE INDICATOR (KPI)
The dashboard reports on this Primary KPI:
Numerator: Number of Privileged Accounts that are managed by the PAM solution.
Denominator: Total number of distinct Privileged Accounts.
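A worked example of how this Primary KPI can be computed from an account inventory, added here as illustration and not the DataBee dashboard's own code. The record fields, the sample accounts and the `privileged_accounts` helper are assumptions; the example shows why the denominator must count distinct accounts (the same UID can arrive from several sources), why privilege held through a group counts, and how the monitored privilege types from the Implementation Guidance feed the calculation.

```python
# Constructed sample inventory (not DataBee data). One record per (account, source);
# the same Account UID can appear from several sources and must be counted once.
ACCOUNTS = [
    {"uid": "u-100", "name": "alice", "source": "AD", "privileges": {"admin"},
     "group_privileges": set(), "onboarded_to_pam": True},
    {"uid": "u-100", "name": "alice", "source": "Okta", "privileges": {"admin"},
     "group_privileges": set(), "onboarded_to_pam": True},
    {"uid": "u-101", "name": "bob", "source": "AD", "privileges": set(),
     "group_privileges": {"admin"}, "onboarded_to_pam": False},
    {"uid": "u-102", "name": "svc-backup", "source": "AD", "privileges": {"backup_operator"},
     "group_privileges": set(), "onboarded_to_pam": False},
    {"uid": "u-103", "name": "carol", "source": "AD", "privileges": set(),
     "group_privileges": set(), "onboarded_to_pam": False},
]

def privileged_accounts(records, monitored_privileges):
    """Collapse per-source records into distinct accounts keyed by UID, keeping only
    those that hold a monitored privilege directly or through group membership."""
    distinct = {}
    for r in records:
        held = set(r["privileges"]) | set(r["group_privileges"])
        if not held & monitored_privileges:
            continue  # not privileged under the configured privilege types
        acct = distinct.setdefault(r["uid"], {
            "name": r["name"], "sources": set(),
            "onboarded_to_pam": False, "privilege_due_to_group": False,
        })
        acct["sources"].add(r["source"])
        # Managed if any source reports the account as onboarded to the PAM solution
        acct["onboarded_to_pam"] |= bool(r["onboarded_to_pam"])
        acct["privilege_due_to_group"] |= bool(set(r["group_privileges"]) & monitored_privileges)
    return distinct

def pam_coverage_kpi(records, monitored_privileges=frozenset({"admin"})):
    """Return (numerator, denominator, ratio) for the Primary KPI:
    privileged accounts managed by PAM over all distinct privileged accounts."""
    distinct = privileged_accounts(records, monitored_privileges)
    denominator = len(distinct)
    numerator = sum(1 for a in distinct.values() if a["onboarded_to_pam"])
    ratio = numerator / denominator if denominator else None  # no privileged accounts: undefined
    return numerator, denominator, ratio

def non_compliant(records, monitored_privileges=frozenset({"admin"})):
    """UIDs of privileged accounts not onboarded to PAM, i.e. the detail rows to act on."""
    found = privileged_accounts(records, monitored_privileges)
    return sorted(uid for uid, a in found.items() if not a["onboarded_to_pam"])
```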
COLUMNS DISPLAYED ON THE DETAIL DASHBOARD
Leading: Compliance Status
Account - Identifiers: Account Name, Account Sources, Account UID
Account - Required: Account Groups, Account Last Login Date, Account Last Login Date Compliant, Account Onboarded To Pam, Account Password Change Date, Account Password Change Date Compliant, Account Type, Account Privileges
Account - Optional: Account Categories, Account Created Time, Account Domain, Account Owner, Account DataBee Id, Account Privilege Due To Group
PAM Identifiers: Pam Id, Pam Name, Pam Solution
PAM: Pam Platformid, Pam Address, Pam Username, Pam Last modified time, Pam Password Rotation Configured
Org Hierarchy: Account DataBee Id, Owner Databee Id, Owner Email Address, Owner Employee Id, Owner Full Name, Owner Job Title, Manager Email Address, Manager DataBee Id, Manager Full Name, Level 2, Level 3, Level 4, Level 5, Level 6
OCSF TABLES USED BY THE DASHBOARD
CDP.Account
User Entity
User Inventory
Account Change
Group Management