Privileged Access Management (PAM) is a set of cybersecurity strategies and technologies for controlling, monitoring, and auditing elevated access to critical systems and sensitive data. Privileged accounts, such as system administrator, database administrator, and root accounts, can make significant changes to IT infrastructure and access sensitive information, which makes them high-value targets for attackers.
A comprehensive PAM programme includes credential vaulting (storing privileged passwords in encrypted vaults), session recording and monitoring, just-in-time access provisioning, and automatic credential rotation. PAM is a critical control for meeting the requirements of ISO 27001, SOC 2, NIS2, and PCI DSS, and is one of the most impactful security investments an organisation can make to reduce the risk of insider threats and lateral movement during a breach.