Security icon

Reduce IT Admin Risks & Costs with Privileged Access Management (PAM)

Control the access of your most critical users without breaking your budget.


This content requires an active subscription.

Access this content by logging in with your Info-Tech Research Group membership or contacting one of our representatives for assistance.

Speak With A Representative Sign In
or Call: 1-888-670-8889 (US) or 1-844-618-3192 (CAN)

View Storyboard

Solution Set Storyboard thumbnail


  • Rob Marano, founder of The Hackerati
  • Dave Millier, CEO of Sentry Metrics

Your Challenge

  • PAM is an investment in terms of implementation. Excuses such as “it seems like too much work and a waste of money to put in place” tend to outweigh the many benefits of having that technology.
  • Privileged users may not appreciate the increased visibility into their actions, and take it as a slight that increased monitoring will be put in place.
  • Technology is not enough. If these accounts are being managed by individuals and not a formal system, they’re not more secure than those of regular internal users. PAM is only one part of the strategy; people and process are necessary too.

Our Advice

Critical Insight

  • The time for ad hoc anything is over. Formal processes and solutions need to be in place. Not doing anything can be low cost, but you’re masking a great complication, which is high risk.

Impact and Result

  • Short term: Being under more scrutiny may change the culture of admins, but helping them understand the value not only to the overall security of the organization, but to their workflow (e.g. increased efficiency, fewer accounts to manage), it will be easier for them to come around and accept the new processes.
  • Long term: Efficiency will be more apparent with fewer help desk tickets, which subsequently means less end-user time wasted waiting for password resets, etc. This also results in cost savings. You’ll also experience increased security overall in the long term, thanks to increased visibility and better account management.

Research & Tools

1. Understand the PAM blueprint and define metrics

Understand project rationale and identify baseline metrics.

2. Assess PAM requirements

Understand business requirements.

3. Identify and evaluate PAM options

Analyze which solution is best to carry forward and will help save costs.

4. Communicate with admins and stakeholders

Manage stakeholder expectations and inform admins of how PAM will affect them.

5. Select a PAM solution

Use RFP and vendor demo script templates to ensure you get the best solution for your requirements.

6. Implement a PAM solution

Understand and execute project steps to successfully implement PAM.

Guided Implementations

This guided implementation is a six call advisory process.

Call #1 - Understand project rationale

Understand high-level project rationale and goals, and establish baseline metrics.

Call #2 - Assess PAM requirements

Establish what is in scope of a PAM project, and who is responsible. (Expect at least five calls.)

Call #3 - Identify and evaluate PAM options

Understand the market place and the high-level product criteria you need to be focusing on when evaluating solutions. (Expect at least three calls.)

Call #4 - Communicate with admins and stakeholders

Play to the benefits of this project to help keep them focused on the gains over the costs. (Expect a minimum of one call.)

Call #5 - Select PAM solution

Using an RFP template and a Vendor Demo script, prepare to shortlist desired vendors and get the solution you need. (Expect a minimum of two calls.)

Call #6 - Implement PAM

Use a comprehensive Project Charter to work through your project steps to ensure an efficient and non-intrusive PAM roll-out. (Expect a minimum of about four calls.)

Onsite Workshop

Discuss This Workshop

Book Your Workshop

Onsite workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost onsite delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.

Module 1: Project Rationale

The Purpose

  • Understand the problem
  • Review blueprint goals
  • Understand value and impact of the project
  • Determine baseline metrics

Key Benefits Achieved

  • Defined scope of project
  • Established value proposition
  • Identify key success metrics




Define baseline metrics

  • Project Charter (with recorded metrics)

Record baseline metrics

Module 2: Assess PAM Requirements

The Purpose

  • Understand PAM’s impact on your security posture
  • Establish your overall business case
  • Document requirements
  • Establish which apps/systems are in scope
  • Conduct inventory

Key Benefits Achieved

  • Make the case for why PAM is needed
  • Identify holes in one of your critical systems to support the need for PAM




Requirements gathering

  • Project Charter

Database/operating system inventory

  • Inventory information for the Stakeholder and Admin Communication Plan

Module 3: Identify and Evaluate PAM Options

The Purpose

  • Understand key PAM solution criteria
  • Conduct current state analysis of PAM processes
  • Conduct desired state analysis of PAM processes
  • Understand key PAM solution criteria
  • Review options
  • Determine cost savings

Key Benefits Achieved

  • Understand organizational needs based on what you currently do towards managing privileged accounts and where you want to be
  • Identify how PAM will save your organization money




Current state analysis

  • Project Charter

Future state analysis

  • PAM ROI Calculator

Cost savings analysis

Module 4: Communicate with Admins and Stakeholders

The Purpose

  • Obtain admin support
  • Secure stakeholder support

Key Benefits Achieved

  • Communication and support for PAM from both stakeholders and the admins that PAM affects is crucial to the success of the implementation project




Communication plan strategy for admins and stakeholders

  • Stakeholder and Admins Communication Decks

Module 5: Select a PAM Solution

The Purpose

  • Understand vendor relations
  • Use Info-Tech’s RFP Template to establish your requirements
  • Use Info-Tech’s Vendor Demo Script to ensure clear communication

Key Benefits Achieved

  • Understand what kind of information to give to vendors to ensure they find the best solution for your needs




Understand RFP template and vendor demo script requirements

  • PAM RFP Template
  • PAM Vendor Demo Script

Module 6: Implement PAM Solution

The Purpose

  • Understand RFP template and vendor demo script requirements

Key Benefits Achieved

  • Understand Work Breakdown Structure (WBS).
  • Have a basis for how to roll out PAM




RACI chart

  • Project Charter

Project step break down