ThirdSpace ThirdSpace
ThirdSpace Contact Us
Close 0 Reset Search Run Search What are you looking for? Type at least three characters to search. Filter Search Results
  • All Content
  • Blog
  • Page
  • Case Studies
  • Event
  • Resources
  • News
  • Careers
  • Access Centre
  • Technologies
  • Workshops
  • Service
  • Solutions
  • People
Load more
13 October 2016

5 privileged access management (PAM) best practices

Profile shot of Simon Veale.
Written by Simon Veale

As the threat from trusted insiders continues to increase, the need for Privileged Access Management (PAM) has never been greater.

Gartner reports that by 2018, 25% of organisations will review privileged activity and reduce data leakage incidents by 33%. Those businesses that aren’t planning to review their privileged activity on a regular basis and follow best practices are at risk from internal attacks.

5 steps to effective privileged access management

PAM is a technology that is used to resolve issues relating to privileged accounts. These are the type of accounts that manage all business IT infrastructures, providing users with access to administration accounts, system accounts, and/or operation accounts. However, if such access privileges are placed in the wrong hands, organisations risk being the target of malicious attacks from internal users.

Here, we identify five steps that can be taken towards effective PAM.

1. PAM and identity access management (IAM) integration

The integration of PAM and IAM systems gives IT departments better visibility, knowledge, access, and control.

An IAM solution on its own gives an organisation control over user access rights, while a PAM solution gives control over privileged users and accounts, providing detailed information on how identities are being used.

Microsoft’s Azure Active Directory (AAD) Privileged Identity Management solution provides you with the tools to control, manage and monitor your privileged identities, as well as their access to resources in Azure AD and other Microsoft platforms. This can help companies manage their admin rights and reduce security risks.

2. Review all privileged accounts

When handling security, it’s best practice to audit privileged access accounts on a regular basis. This should include a thorough evaluation of all accounts currently being used, and a review of the access level they require.

Any accounts which are no longer being used should then be removed.

See the Microsoft identity stack in action – Watch today!

See the Microsoft identity stack in action – Watch today!

The Microsoft identity stack demos will show you how to:

  • Easily create new user accounts for internal employees and external contractors
  • Reduce risk through automation and password self-service capabilities
Watch now

3. Oversee privileged user activity

Implementing a PAM solution will provide you with the ability to log privileged user activities. This means you can keep an eye on which systems users are accessing and at what level of privilege. You’ll also be able to add, modify or delete existing user accounts on the Access Manager.

4. Password best practice

In order to mitigate leaks and risks to your company’s data, there are password best practices you should be following (if you aren’t already).

Passwords should be changed on a regular basis and should never be shared. This keeps out users other than those that have been given the privileged access.

To prevent password leaks, passwords should be individual to privileged users and not shared among peers or colleagues.

5. Ensure physical security

As well as managing your online security access, it’s also important to maximise the physical security of your IT systems. Where possible, sensitive information systems should be stored separately to your main data centre – locked away in a separate room if needed. Only privileged, authorised personnel should then have access to this area.

Next, watch the Microsoft identity stack demos to see how Microsoft’s key identity management technologies (including MIM) enable seamless user creation journeys.

Or download ‘The business case for IAM’ e-Guide and become the driving force behind modernisation, cyber security and operational efficiency in your organisation.

Subscribe to the ThirdSpace mailing list and get your free buyer’s guide to Microsoft Enterprise Security

Subscribe to the ThirdSpace mailing list and get your free buyer’s guide to Microsoft Enterprise Security

Submit your business email to join our mailing list and we'll send you 'A buyer’s guide to Microsoft Enterprise Security'.

Profile shot of Simon Veale.

About Simon Veale

Senior Architect

A ThirdSpace veteran, Simon has a highly developed IAM skill set and the flexibility to adapt it to whatever the situation requires. Having been in 'identity management' forever, there’s probably not...


You may also like...


How the SolarWinds breach highlights the dangers of federated authentication – and what you can do to protect against it


What is Microsoft Identity Manager (MIM)? Everything you need to know


Uniting disparate directories: What is Azure AD Connect cloud provisioning?

Recent Blog Articles

View All
Related topics

Watch – The Microsoft identity stack in action

See how you can easily create new accounts and reduce risk through automation.

Watch now

Need some help?

Send us your questions or feedback.

Friendly folks are standing by!

Contact Us
Award-winning solutions Award-winning solutions

Eight-time winner of the Microsoft Partner of the Year Award for Identity Management, Enterprise Mobility, and Security and Compliance.

ThirdSpace Please upgrade your browser

You are seeing this because you are using a browser that is not supported. The ThirdSpace website is built using modern technology and standards. We recommend upgrading your browser with one of the following to properly view our website:

Windows Mac

Please note that this is not an exhaustive list of browsers. We also do not intend to recommend a particular manufacturer's browser over another's; only to suggest upgrading to a browser version that is compliant with current standards to give you the best and most secure browsing experience.