Forum Discussion
What is the different between Azure PIM and Identity Governance
As I can see both are doing the same, The main key is to delegate administrators and help desk a certain time to do a certain task. Still I find its more easier to tell the user to request access...
Chandrasekhar_Arya tommykneetz
Thanks for your response, but is it correct to do such an implementation for administration delegation, or do I need to do that through PIM and use Identity governance for access review only, or there is no best practice on which approach to use as long as it work!
Yes you need to have owner/manager to certify and approve for all the Privilege's accounts and it doesn't matter weather it is a human or non-human account(service accounts) . It is always recommended to use identity governance and access reviews and re-certify all users at least one in every 90 days which is minimum recommended that most of the organization follow. This way you are establishing an accountability to make sure that only valid users are having access. If you don't use access reviews under identity governance then over a period of time your environment will be be uncontrolledly as it will be very difficult to certify if the users still need access
