ITB - IT Solutions for the next generation
linkedin logo twitter logo facebook logo google+ logo
 

Spot the Difference - PAM or ARM

Friday, April 06, 2018
Spot the Difference - PAM or ARM

Do you know the difference between Access rights management and Privileged account management?

Firstly, don’t worry there is nothing to be ashamed of. The terminology used in our industry can be confusing or just innocently used incorrectly. Plus, there can be a huge overlay in what current vendor solutions offer on the market, some offering a solution for one while solving many of the problems for the other.

So, for people who prefer the “dictionary definition,” I’ve put together the below explanations.

“Access rights management is the process of granting authorised users the right to use a service while preventing access to non-authorised users. Access management can also be referred to as rights management or identity management.”

“Privileged Access Management (PAM) is a solution that helps organisations restrict privileged access to an existing Active Directory environment. Privileged Access Management accomplishes two goals: ... Isolate the use of privileged accounts to reduce the risk of those credentials being stolen.”

For people who prefer their explanations a little easier to digest, the below may help...

A privileged account can be seen within a business as an account needing credentials that give access to systems within the business. These can be service or non-service accounts, (Non-human/human). Just to clear up the meaning of “privileged”. A privilege is a permission to perform an action. Although these terms are loosely interchanged within the IT industry.

Access rights management is seen as managing user access policies and groups within the business. This could be through Active Directory, SharePoint, File Server or Exchange. Access rights management gives you a way to manage who has access to which resources, how they have access and proceed with changes in a structured and automatic manner.

So now you know the difference how does each benefit you?

Privileged account management solutions could help most IT departments with the laborious task of resetting and keeping track of passwords. Not to mention addressing the security risk posed by these privileged accounts where multiple passwords are stored in Excel files or in notepads.

Access rights management solutions can help clean up the mess within the AD and help businesses and IT departments understand who has access to which resources. Helping manage staff turnover or people moving around within your business.

Both solutions help with the key issue of joiners, movers and leavers. What happens with a user’s credentials when they join the company, move around to different positions or leave the company entirely? Keeping track of this can be a huge task for companies and could ultimately lead to a major data breach and one which would be impossible for any anti-virus security solution to uncover.

Damian Crawley

Senior Account Manager

GO BACK