Privileged account management is the process of identifying, controlling and monitoring privileged accounts and their associated activity. Privileged accounts are typically high-level administrator accounts that have broad access rights across an organization’s IT systems. Because of their elevated level of access, these accounts pose a significant risk if they were to fall into the wrong hands.
During penetration testing assessments, privileged abuse is one of the most critical reasons vertical privilege escalation attempts have been successful. This could be in the form of excessive privileges on a service account, stored credentials in an easy to decode, decrypt or text-readable format, password reuse, configuration files or a similar misconfiguration.
Our article on privileged access management covers:
- Basics of Privileged accounts, privileged access
- Risk and threats associated with privileged access
- Basics and differences between PAM, IAM, Least privilege
- Why PAM solution is a helpful capability for a business, and the capabilities of a PAM solution
- Advantages and security controls of a PAM
Read more at securityboulevard.com : What is Privileged Access Management (PAM)?