Just-In-Time (JIT) Privileged Access Management (PAM)

What It Is & Why Now Is The Time To Implement It

Published October 2019


The utilization of “always-on” privileged accounts has been the default mode for administrative access for the last 40 years. However, always-on access presents a massive risk surface as it means the privileged access, rights, and permissions are always active and ready to be exercised - for legitimate activities as well as for illicit ones. And this risk surface is rapidly expanding alongside the growing use of virtual, cloud, and DevOps environments and internet of things (IoT) devices. Of course, cyber threat actors are wise to what is essentially the over-provisioning of privileges via the always-on model.

Against this backdrop, it’s no surprise that the abuse and/or misuse of privileges play a role in almost every cybersecurity breach incident today, as has been widely reported by the top industry analysts and other research. With privileged access in hand, an attacker essentially becomes a malicious insider, and that’s an alarming scenario for any IT professional, all the way up through the C-level, and the Board.

Privileged accounts are now truly everywhere across your organization, but traditional, perimeter-based security technologies can only protect privileged accounts within their boundaries. Each privileged account represents potentially another privileged attack vector, and some of them are accessible directly on the Internet. Just-in-time (JIT) privileged access management (PAM) can help drastically condense the privileged threat surface and reduce risk enterprise-wide.

This white paper includes an overview of JIT privilege management, provides tips on a practical model for achieving it, outlines parameters to build your JIT policy, and offers a glossary of key concepts and terminology.

You will have to register, or log in, in order to download this paper.

Biting the hand that feeds IT © 1998–2019