PAM refers to the set of governance, processes, and technology controls that manage elevated or (‘privileged’) permissions within an IT environment. Authorized users have access to the privileged information required to execute privileged commands and control user access permissions providing users with the least amount of privileges to perform their job.
PAM can be visualized by imagining an office that has restricted areas (e.g., a server room) with limited employee access. An organization can control access to these restricted areas using a pass card, for example. The same concept applies to enterprise PAM solutions. In this case, the employees are privileged users, the pass card is the privileged credentials, and the restricted areas are your systems and assets.
Today’s complex businesses require a PAM solution that delivers a frictionless front-end experience for end users and tightly controlled access and security, while allowing for scalability in the future.
KeyData and our carefully chosen PAM vendor partnerships will help you stay several steps ahead of the hackers and protect your most sensitive assets from internal threats. KeyData’s team of experts can help you find a PAM solution based on your unique use cases with complete end-to-end implementation services to help you make the most out of your PAM solution deployment.
KeyData looks at Privileged Access Management (PAM) holistically from a governance, process, and technology perspective to control elevated access and permissions across the organization. We center our approach on the Least Privilege and Need-to-Use principles to ensure that only the minimum required privileges are used when performing authorized privileged activities.
Policies, standards, and procedures
Monitoring and reporting
PAM strategy and roadmap
Accountability, roles and responsibilities
PAM training and awareness
PAM operating model and resources hiring
Asset and Account inventorying
Account provisioning, and decommissioning
Privileged access request & fulfillment
Privileged credential retrieval accounts & users
Privileged activity monitoring, reporting & alerting
Password storage and retrieval
Password management (e.g., automated rotation)
On-demand access elevation
Privileged session proxy
Activity logging, monitoring and alerting
Solution integrations (e.g ITSM and PAM integration)
COVID-19 impact on PAM
Lockdowns across the world have forced organizations to adopt work from home arrangements, which has increased organizations’ cyber threat vectors. Due to increased online activity risks, organizations are becoming more attentive to PAM solution implementations and upgrades and will continue to focus on remote end-user access, including allowing access to PAM solution using mobile devices.
We engaged with KeyData due to their deep expertise and experience in IAM. KeyData conducted a ‘current state’ assessment of our complex IAM environments, with multiple stakeholder groups, and identified key challenges our organization was facing. Based on our key challenges, KeyData defined a pragmatic and realistic enterprise IAM Strategy & Roadmap, outlining the key components and priority milestones to achieving a successful IAM deployment. The Strategy and Roadmap were well received by the multiple stakeholder groups. We are on track with implementing the Enterprise IAM Roadmap and realizing the business value.
Christophe Grove, Vice President, Desjardins Group
Increased Cloud-based infrastructure
Cloud-based infrastructure deployment has become the norm; organizations are adopting cloud-based solutions to manage their applications and databases. Due to cloud proliferation, PAM solution vendors will continue to expand their support for cloud deployment, including hybrid deployments that allow more flexible ways to manage the PAM solution and its server encryption keys
Shortly after taking over the senior IT role, I engaged Rosa (KeyData) to conduct an assessment of the performance and results of an IAM project for which I had serious concerns. She was recommended as a highly qualified industry expert and she lived up to her reputation. Her in-depth investigation uncovered the true realities regarding the effectiveness of the delivered IAM solution and provided a clear understanding of the performance of the project team and the external technology consultant. Rosa’s work and report was extremely valuable in informing me on what IAM solution is appropriate for an organization like ours and the path to achieving it.
Robert Wong, Executive Vice President, Chief Information and Risk Officer Toronto Hydro-Electric System Limited
Data breaches due to insider threat
Insider attacks are rapidly increasing and are becoming easier for disgruntled employees to execute while working from home. In this rising threat landscape, adoption of privileged session recording as well as Just-in-Time privileged access is expected to witness huge market demand
KeyData provided excellent guidance for a strategic deployment of SailPoint IIQ in the CBI environment. Their expertise in the area of IAM was invaluable in tackling both existing and new process leading to a successful initial deployment of the solution. We look forward to a continued partnership with KeyData.
Frédéric St-Jean Mercier, Director, IT Service Center, Intact Financial Corporation
With the rise of smart devices, it is becoming more and more difficult for organizations to have complete exposure or inventory of all their internet-connected devices In such large IoT landscapes, organizations will depend on PAM solutions to discover and manage service accounts associated with IoT devices
KeyData helped to define the long-term IAM strategy for Manulife Financial. Three years later the company is still on course to fulfill that strategy.
Vaughn Littlejohn, AVP, Global Information Risk Management Shared Services Manulife Financial
Google revealed it was blocking more than 18 million malware and phishing emails related to COVID-19 every day
Google blocking 18M malicious coronavirus emails every day - CNET
The partnership with KeyData was critical to the success of our SailPoint IdentityIQ implementation and the decommissioning of our old IDM system. Thank you, to the team at KeyData.
Jason Testart, Director, Information Security Services University of Waterloo
Defend against internal threats and targeted attacks – protect the organizations most sensitive assets by monitoring privileged access
Enforce least privilege - for all identities - human and machine - on-premise and in the cloud
Frictionless experience – eliminate the need for privileged users to remember multiple passwords or log in directly in a single c
Satisfy audit and compliance – with audit trail of privileged access and ensure compliance with business and gov