Web Active Directory’s PeoplePlatform provides shockingly easy privileged account management (PAM). It’s shockingly easy to manage but appropriately complex in the options that you have when you want to dig deeper.
Privileged Account Management is Important
Privileged account management is important. Identity Management solutions should pay special attention to users who have access to the most secure confidential documents and information in your organization.
In PeoplePassword, for example, you can configure any number of levels of privilege so that different levels of privilege require different combinations of factors of authentication to reset their passwords. This is an absolute requirement.
User Impersonation to Helpdesk
Often overlooked, however, are calls to the helpdesk from privileged users. How can an IT professional safely conclude that the caller to the helpdesk is a privileged user or a criminal attempting to impersonate that user? PeoplePassword provides the helpdesk with information that it needs to help a user get what they need while allowing for their safe identification. When was the last time an executive used a self-serve password reset solution? Most call their favorite IT person and most IT departments don’t push back against them. Hackers and those with nefarious motivations can take advantage of this phenomenon without good privileged account management and identity management.
Auditing Privileged Groups
Privileged account management considerations go beyond password reset solutions and into other areas of identity management. PeopleAudit, Web Active Directory’s auditing solution, can notify IT in real-time if a group in their directory has changed. This is especially important for management of groups that give privileged access. On-demand reports with summaries and graphs give snapshots of what’s going on when needed.
Privilege Has Benefits
Privilege also works the other direction with Identity Management. The identified privileged user should be able to easily and safely see and manage information less privileged users cannot. PeoplePlatform allows for this throughout its user and group provisioning and update solutions.