Baseline Boosters
Privileged Identity Management
In a nutshell
Most companies want to restrict who has access to sensitive data and resources, so many deploy privileged access policies. Privileged Identity Management (PIM) is a crucial Microsoft Azure security feature that can help reduce the risk of unauthorised access and misuse of privileged accounts. After all, those who can see the most arguably need protecting more.
PIM enables you to control, manage and monitor access to privileged resources in Microsoft Entra ID, Azure, and other Microsoft Online Services such as MS365 or Intune.
Just in Time Access
A model where users receive privileged permissions temporarily, for a specified window, to prevent malicious or unauthorised access.
Just Enough Access
A security practice where users are provided with only the minimum privileges needed to accomplish administrative tasks.
Privileged Admin Workflow
Can be configured to require approval for activation with user(s) or group(s) as delegated approvers.
Audit-ready
Enables you to view activity, activations, and audit history for all privileged roles within your organisation.
Bitesized benefits:
Enforcing Least Privilege
PIM enables organisations to grant privileged access to users on a Just in Time basis, reducing the risk of unauthorised access to sensitive resources.
Multi-Factor Authentication (MFA)
MFA is supported by PIM for privileged accounts. This adds an extra layer of security to prevent unauthorised access to privileged accounts.
Monitoring and Auditing
You can continuously monitor privileged access activity, allowing you to detect and respond to suspicious activity in real time. PIM also provides detailed audit logs for all privileged access activity.
Role-Based Access Control
PIM provides granular Role-Based Access Control (RBAC) for privileged access, ensuring that users have only the privileges they need to perform their tasks, and no more.
Approve or deny access requests
By following pre-determined workflows, PIM checks access requests to confirm that users have the authorisation rights for a privileged role. If the requirements are met, the user is granted access. If the requirements are not met, the request is denied, and a security incident is logged in the audit records.
Tell me more
What's included:
Azured will work with you to scope the project, helping you to decide which users require PIM. We will then configure and deploy the service, and provide you with training documentation and a handover, so you are fully enabled to manage the service going forward.
1. Discovery
Determine policies to be enforced and user groups.
2. Scope
1-hour workshop to run through implementation.
3. Configure
Configuration of the service, including roles to apply, maximum time, approvals, notifications and monitoring.
4. Deploy
Full deployment of the service, including testing.
5. Document
Including how to monitor the service, add/remove users and further reading.
6. Handover
30-minute workshop to ensure you have everything you need.
Minimum licence requirements
You must have a SKU that includes Microsoft Entra ID P2.
Costs
Estimated implementation cost of £3,000.
Getting started...
To get started with Privileged Identity Management, book a call.