PAM stands for privileged account management, not the cooking spray. Security has grown far beyond the classic install a “security box” and let everything be protected. A more recently exploited aspect of security by hackers and unhappy recently released employees is the exploitation of passwords to the critical IT systems. As of 2016 Gartner reported this sector is growing at 33% annually.
“1 in 3 hackers say accessing privileged accounts is the easiest and fastest way to get at sensitive data” ~Thycotic
A few things PAM does for IT departments are; control who has access to a company’s most critical IT information, manage and monitor that control to make sure non-designated individuals are not accessing privileged systems, revoking access rights in real time upon employee termination or detection of an attack, increase security making it harder for attackers to penetrate a network, reset and manage passwords for different groups across all devices including mobile devices.
The larger your company, as well as the smaller the IT team to employee ratio, the longer these tasks can take if done manually. Also, depending on industry and compliance variables, manual changes may result in failed audits. PAM software can fully automate most of the work, depending on which type of solution you consider. Like all security areas, there are a lot of options from lower end and free to higher end and highly secure enterprise grade solutions.
The prime variables to consider from my experience are; feature sets needed, total cost of ownership over time, level of security, integration with current environment and software, product reputation and performance in the market.