Privileged Identity Management: 7 tips to make it work for you

PIM tools help get a handle on sprawling accounts and disjointed management of privileged access. If you do it right. Here are seven key strategies.

For more background on PIM, see the companion article Too much access? Privileged Identity Management to the rescue.

Develop a long-range and short-range strategy. While your organization may be addressing particular pain points—an audit failure on a particular platform or in a business group, operational problems with a manual process, production interruptions or a data breach inadvertently or intentionally caused by someone with shared credentials—lack of PIM is usually a systemic problem that touches all enterprise systems.

If you choose a PIM product to address a limited objective (for example, pass the next audit or control access to a CRM system), you may wind up buying a solution that will not meet all your needs.

"Shared accounts pose almost the same risk regardless of whether it's a shared DBA [database administrator] account giving access to a database, or an admin accessing a Cisco router, or a shared-account e-mail admin accessing an Exchange server," says Cyber-Ark Executive Vice President Adam Bosnian. "If I can use the system, as an admin, to do my bidding, I have a powerful tool to do some real damage."

Unless you take a global approach, you will not understand how your disparate systems are interconnected and dependent on one another. You will fail to develop policies and processes that will form an effective foundation for your privileged-identity program.

To continue reading this article register now

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!