Privileged Identity Management is a feature of most modern clouds and is used to manage the lifecycle of role assignments, enforce just-in-time access policy, and discover who has what roles in your organization’s cloud estate.
Increasingly, organizations what to minimise the number of people who have access to secure information or resources because it reduces the chance of:
- a malicious actor getting access
- an unauthorised user inadvertently impacting a sensitive resource
Scenario
“I need elevated access”
Jane needs to perform an action that requires a role she doesn’t typically have. Let’s say the “Password Administrator” role, which grants her the ability to reset user passwords for other staff in her organization.
- You may think to assign her this role and note down in your calendar or to-do list to revoke that role from Jane at a later date (i.e. after her work is done and she no longer requires this role).
- Alternatively, you may think to create a new account and grant it the…
