Privileged access management (PAM) consists of the cybersecurity strategies and technologies for exerting control over the elevated (“privileged”) access and permissions for users, accounts, processes, and systems across an IT environment. By dialing in the appropriate level of privileged access controls, PAM helps organizations condense their attack surface, and prevent, or at least mitigate, the damage arising from external attacks as well as from insider malfeasance or negligence.

While privilege management encompasses many strategies, a central goal is the enforcement of least privilege, defined as the restriction of access rights and permissions for users, accounts, applications, systems, devices (such as IoT) and computing processes to the absolute minimum necessary to perform routine, authorized activities.

Alternatively referred to as privileged account management, privileged identity management (PIM), or just privilege management, PAM is considered by many analysts and technologists as one of the most important security projects for reducing cyber risk and achieving high security ROI.

The domain of privilege management is generally accepted as falling within the broader scope of identity and access management (IAM). Together, PAM and IAM help to provide fine-grained control, visibility, and auditability over all credentials and privileges. While IAM controls provide authentication of identities to ensure that the right user has the right access at the right time, PAM layers on more granular visibility, control, and auditing over privileged identities and activities.

In this glossary post, we will cover: what privilege refers to in a computing context, types of privileges and privileged accounts/credentials, common privilege-related risks and threat vectors, privilege security best practices, and how PAM is implemented.

What are privileges and how are they created?

Privilege, in an information technology context, can be defined as the authority a given account or process has within a computing system or network. Privilege provides the authorization to override, or bypass, certain security restraints, and may include permissions to perform such actions as shutting down systems, loading device drivers, configuring networks or systems, provisioning and configuring accounts and cloud instances, etc.

In their book, Privileged Attack Vectors, authors and industry thought leaders Morey Haber and Brad Hibbert (both of BeyondTrust) offer the basic definition “privilege is a special right or an advantage. It is an elevation above the normal and not a setting or permission given to the masses.”

Privileges serve an important operational purpose by granting users, applications, and other system processes the elevated rights needed to access certain resources and complete work-related tasks. At the same time, the potential for misuse or abuse of privilege by insiders or outside attackers presents organizations with a formidable security risk.