George Georgiou in blue jacket gesturing with right hand

Blog | 3-minute Read

5 privileged access management (PAM) best practices

Steven Connelly

Head of Identity

Published: 13 October 2016

As the threat from trusted insiders continues to increase, the need for Privileged Access Management (PAM) has never been greater.

Gartner reports that by 2018, 25% of organisations will review privileged activity and reduce data leakage incidents by 33%. Those businesses that aren’t planning to review their privileged activity on a regular basis and follow best practices are at risk from internal attacks.

5 steps to effective privileged access management

PAM is a technology that is used to resolve issues relating to privileged accounts. These are the type of accounts that manage all business IT infrastructures, providing users with access to administration accounts, system accounts, and/or operation accounts. However, if such access privileges are placed in the wrong hands, organisations risk being the target of malicious attacks from internal users.

Here, we identify five steps that can be taken towards effective PAM.

tag icon

Free e-Guide

Entra ID: The IAM formerly known as Azure AD

New name, but still leading the way. Everything you need to know about the world’s most popular multi-cloud identity and access management platform.

Download your 34-page e-Guide and discover:

  • How organisations are achieving 123% ROI
  • How you can reduce data breaches by 45%
  • The tools to improve efficiency by 50%

1. PAM and identity access management (IAM) integration

The integration of PAM and IAM systems gives IT departments better visibility, knowledge, access, and control.

An IAM solution on its own gives an organisation control over user access rights, while a PAM solution gives control over privileged users and accounts, providing detailed information on how identities are being used.

Microsoft’s Azure Active Directory (AAD) Privileged Identity Management solution provides you with the tools to control, manage and monitor your privileged identities, as well as their access to resources in Azure AD and other Microsoft platforms. This can help companies manage their admin rights and reduce security risks.

2. Review all privileged accounts

When handling security, it’s best practice to audit privileged access accounts on a regular basis. This should include a thorough evaluation of all accounts currently being used, and a review of the access level they require.

Any accounts which are no longer being used should then be removed.

3. Oversee privileged user activity

Implementing a PAM solution will provide you with the ability to log privileged user activities. This means you can keep an eye on which systems users are accessing and at what level of privilege. You’ll also be able to add, modify or delete existing user accounts on the Access Manager.

4. Password best practice

In order to mitigate leaks and risks to your company’s data, there are password best practices you should be following (if you aren’t already).

Passwords should be changed on a regular basis and should never be shared. This keeps out users other than those that have been given the privileged access.

To prevent password leaks, passwords should be individual to privileged users and not shared among peers or colleagues.

5. Ensure physical security

As well as managing your online security access, it’s also important to maximise the physical security of your IT systems. Where possible, sensitive information systems should be stored separately to your main data centre – locked away in a separate room if needed. Only privileged, authorised personnel should then have access to this area.

Key takeaways

  • Reviewing privileged will help to keep your organisation safe and reduce data leakage by 33%.

  • Your organisation should be putting privileged access management best practices into place.

  • Integrate your privileged access management (PAM) and identity access management (IAM) solutions.

  • Review all of your privileged accounts and oversee all privileged user activity.

  • Implement password best practice policies and don’t forget about good physical security.

tag icon

Free e-Guide

The Complete Guide to Microsoft Entra ID

Unlock the full power of the world’s most popular multi-cloud identity and access management platform.

Download your 34-page guide and discover:

  • How organisations are achieving 123% ROI
  • How you can reduce data breaches by 45%
  • The tools to improve efficiency by 50%
tag icon

Great emails start here

Sign up for great content and exclusive invites

Subscribe to the Kocho mailing list if you want:

  • Demos of the latest Microsoft tech
  • Invites to exclusive events and webinars
  • Resources that make your job easier
Butterfly overlay image


Steven Connelly

Steven Connelly is Kocho’s Head of Identity. As the Head of Identity, he navigates the ever-evolving landscape of digital authentication and security, delivering the best identity solutions for our clients.

Butterfly overlay image

We’re here to help you on your journey towards becoming greater.

Get in touch to find out how.