Privileged accounts are often generic (such as root, administrator etc) and many times there is no proof of who used privileged logins to gain restricted access. In many organizations there is no up-to-date list of all privileged logins that exist and no verifiable record of which privileged login credentials are known to users. The lifecycle management of the privileged logins, password changes according to defined policy is difficult and managed in an inefficient or time-consuming way. Often there is lack of info on who accessed shared privileged accounts, what was done with it, whether passwords are protected and updated according to policy.
As a result privileged logins may be misused by disgruntled insiders or service providers to take down core systems, access or steal sensitive information.
A PIM solution is designed to solve security and compliance issues associated with Privileged Users and Privileged Access. It helps prevent access breaches through privileged accounts.
A PIM solution acts as a secured Password Vault for privileged accounts of various systems (operating systems, network devices, applications, databases etc) and can enforce password changes based on defined organizational policy. It controls privileged access (sessions) to systems and helps monitor in real time and audit all privileged access and activities. It can also limit or control the privileges of super users and administrators. All these functions can have an authorization workflow (request and approval) enforced as per specific requirements of the organization, while maintaining full audit log.