Forum Discussion
Solved
The value of PIM without approvals
It seems that for Privileged Identity Management (PIM) to be effective you would always need to "require approval" for each role. Is there any security benefit to PIM without using this feature? It w...
- Two advantages IMO:
- One access is JIT. Sure an attacker can activate the role, but it's an extra step to make the life of an attacker harder
- Auditing. With PIM you have an audit trail when and why a role was activated
I agree with William Oettmeier. At least PIM should be complemented with a robust audit applied to the roles' activation and the activities privileges role are performing. A kind of Privileged Access Management.