Definition

privileged identity management (PIM)

Part of the Security management glossary:

Privileged identity management (PIM) is the monitoring and protection of superuser accounts in an organization’s IT environments.

Oversight is necessary so that the greater access abilities of super control accounts are not misused or abused. Unmanaged super user accounts can lead to loss or theft of sensitive corporate information, or malware that can compromise the network.

Super user accounts, such as those for database administrators (DBAs), CIOs and CEOs, have typically been very loosely governed. Identity management software often leaves super user accounts totally uncontrolled while enabling advanced privileges on the corporate network. Furthermore, the owners of those accounts often have no formal training in managing them.

To implement privileged identity management:

  1. Create a policy that specifies how super user accounts will be managed and what the account holders should and should not be able to do.
  2. Develop a management model that identifies a responsible party to ensure that the above policies are followed.
  3. Inventory privileged accounts to determine how extensive the population is and to identify them.
  4. Establish tools and processes for management, such as provisioning tools or specialized PIM products. 

 

This was last updated in November 2013
Contributor(s): Matthew Haughn
Posted by: Margaret Rouse

Related Terms

Definitions

  • Types of enterprise risk

    - An enterprise risk is any potential event that could threaten an organization's ability to achieve its financial goals; long term, a risk can be a threat to sustainability. In a business context, r... (WhatIs.com)

  • business risk

    - A risk, in a business context, is anything that threatens an organization's ability to generate profits at its target levels. Business risks are broadly categorized as pure risks, which are negativ... (WhatIs.com)

  • pay for privacy

    - Pay for privacy is a business model in which customers are charged a fee to ensure that their data will not be shared and is secure from third-party access. In some contexts, a pay for privacy serv... (WhatIs.com)

Glossaries

  • Security management

    - Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorizati...

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About privileged identity management (PIM)Powered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.