Wipfli logo
Back to Articles

Privileged access management checklist

Tom Wojcinski
Tom Wojcinski
Feb 23, 2023
1 min read

Privileged access management (PAM) limits who (and what) has access to your IT systems and data.

PAM is a comprehensive defense strategy to control, monitor and secure enterprise IT environments. And while people are often your greatest cybersecurity risk, PAM also involves determining access levels for processes and technology.

  • People: Humans are the weakest link in most IT security chains, so organizations have to train employees on good cyber hygiene practices. Many companies also use ethical simulations to test their defenses and reinforce training.
  • Processes: Organizations need to define who/what has access, to what systems, for what purposes and for how long. And they need to keep track of it. IT teams need an accurate inventory of credentialed users so they can monitor and prioritize security.
  • Technology: IT teams need help managing credentials, as well as detecting and responding to threats. Managed detection and response (MDR) tools use artificial intelligence and automation to scan for threats 24/7. Single sign-on and multifactor authentication are parts of the PAM toolkit, along with secure password vaults.

PAM doesn’t have to be complicated. Simple cybersecurity measures are highly effective — as long as they’re implemented correctly.

Follow this checklist to implement PAM effectively:

1. Inventory privileged accounts

Keep track of all employees, vendors and machine entities that have privileged access.

2. Default to 'zero'

By default, access to all privileged systems should be restricted.

3. Define privilege

Establish clear criteria for granting privileged access, such as user roles or limited timeframes. 

4. Make privilege temporary

Revoke privileged access when roles change or access is no longer needed.

5. Limit sharing

Create individual accounts for users, rather than sharing credentials.

6. Train for security

Help employees understand why security practices are necessary and not just a burden. Use ethical tests to reinforce safe practices. 

7. Automate

Use automated tools to reinforce security standards and monitor activity 24/7.

 

How Wipfli can help

As part of a cybersecurity strategy, PAM can significantly lower the risk of cyberattack. Training, standardized security policies and rapid incident detection and response plans are the baseline of modern cyber hygiene.

Our cybersecurity services team is ready to help secure your data through training, simulations, implementations and 24/7 monitoring.

Author(s)

Tom Wojcinski
Tom Wojcinski
Partner
View Profile
INSIGHTS
Transforming decision-making with data accessibility
09/09/2024
By: David Fields, Matt Sabo
New SEC rules on cybersecurity for RIAs
09/09/2024
By: Derek J. Olson
The 3 keys to healthcare efficiency: ERP, EHR and CRM systems in synergy
08/27/2024
By: Kelly Arduino, Rebecca A. Hurst...
Read All Wipfli Insights
How to determine your tech ROI
A guide to building your business case for new tech.
View e-book

TOP PICKS

Jeff Olejnik
Jeff Olejnik 09/30/2024
Business continuity planning: How to prepare for a cyberattack
Read full story
Jeff Olejnik
Jeff Olejnik 09/27/2024
MFA best practices: The key to a robust cybersecurity program
Read full story
09/27/2024
30 tips for Cybersecurity Awareness Month
Read full story