Reduce IT Admin Risks & Costs with Privileged Access Management (PAM)

Control the access of your most critical users without breaking your budget.

Unlock

This content requires an active subscription.

Access this content by logging in with your Info-Tech Research Group membership or contacting one of our representatives for assistance.

Speak With A Representative Sign In
or Call: 1-888-670-8889 (US) or 1-844-618-3192 (CAN)

Your Challenge

  • PAM is an investment in terms of implementation. Excuses such as “it seems like too much work and a waste of money to put in place” tend to outweigh the many benefits of having that technology.
  • Privileged users may not appreciate the increased visibility into their actions, and take it as a slight that increased monitoring will be put in place.
  • Technology is not enough. If these accounts are being managed by individuals and not a formal system, they’re not more secure than those of regular internal users. PAM is only one part of the strategy; people and process are necessary too.

Our Advice

Critical Insight

  • The time for ad hoc anything is over. Formal processes and solutions need to be in place. Not doing anything can be low cost, but you’re masking a great complication, which is high risk.

Impact and Result

  • Short term: Being under more scrutiny may change the culture of admins, but helping them understand the value not only to the overall security of the organization, but to their workflow (e.g. increased efficiency, fewer accounts to manage), it will be easier for them to come around and accept the new processes.
  • Long term: Efficiency will be more apparent with fewer help desk tickets, which subsequently means less end-user time wasted waiting for password resets, etc. This also results in cost savings. You’ll also experience increased security overall in the long term, thanks to increased visibility and better account management.

Reduce IT Admin Risks & Costs with Privileged Access Management (PAM)

1

Understand the PAM blueprint and define metrics

Understand project rationale and identify baseline metrics.

2

Assess PAM requirements

Understand business requirements.

3

Identify and evaluate PAM options

Analyze which solution is best to carry forward and will help save costs.

4

Communicate with admins and stakeholders

Manage stakeholder expectations and inform admins of how PAM will affect them.

5

Select a PAM solution

Use RFP and vendor demo script templates to ensure you get the best solution for your requirements.

6

Implement a PAM solution

Understand and execute project steps to successfully implement PAM.

Onsite Workshop

Book Your Workshop

Onsite workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost onsite delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

Module 1: Project Rationale

The Purpose

  • Understand the problem
  • Review blueprint goals
  • Understand value and impact of the project
  • Determine baseline metrics

Key Benefits Achieved

  • Defined scope of project
  • Established value proposition
  • Identify key success metrics

Activities:
Outputs

1.1

Define baseline metrics

  • Project Charter (with recorded metrics)

1.2

Record baseline metrics

Module 2: Assess PAM Requirements

The Purpose

  • Understand PAM’s impact on your security posture
  • Establish your overall business case
  • Document requirements
  • Establish which apps/systems are in scope
  • Conduct inventory

Key Benefits Achieved

  • Make the case for why PAM is needed
  • Identify holes in one of your critical systems to support the need for PAM

Activities:
Outputs

2.1

Requirements gathering

  • Project Charter

2.2

Database/operating system inventory

  • Inventory information for the Stakeholder and Admin Communication Plan

Module 3: Identify and Evaluate PAM Options

The Purpose

  • Understand key PAM solution criteria
  • Conduct current state analysis of PAM processes
  • Conduct desired state analysis of PAM processes
  • Understand key PAM solution criteria
  • Review options
  • Determine cost savings

Key Benefits Achieved

  • Understand organizational needs based on what you currently do towards managing privileged accounts and where you want to be
  • Identify how PAM will save your organization money

Activities:
Outputs

3.1

Current state analysis

  • Project Charter

3.2

Future state analysis

  • PAM ROI Calculator

3.3

Cost savings analysis

Module 4: Communicate with Admins and Stakeholders

The Purpose

  • Obtain admin support
  • Secure stakeholder support

Key Benefits Achieved

  • Communication and support for PAM from both stakeholders and the admins that PAM affects is crucial to the success of the implementation project

Activities:
Outputs

4.1

Communication plan strategy for admins and stakeholders

  • Stakeholder and Admins Communication Decks

Module 5: Select a PAM Solution

The Purpose

  • Understand vendor relations
  • Use Info-Tech’s RFP Template to establish your requirements
  • Use Info-Tech’s Vendor Demo Script to ensure clear communication

Key Benefits Achieved

  • Understand what kind of information to give to vendors to ensure they find the best solution for your needs

Activities:
Outputs

5.1

Understand RFP template and vendor demo script requirements

  • PAM RFP Template
  • PAM Vendor Demo Script

Module 6: Implement PAM Solution

The Purpose

  • Understand RFP template and vendor demo script requirements

Key Benefits Achieved

  • Understand Work Breakdown Structure (WBS).
  • Have a basis for how to roll out PAM

Activities:
Outputs

6.1

RACI chart

  • Project Charter

6.2

Project step break down