Forum Discussion
Solved
The value of PIM without approvals
It seems that for Privileged Identity Management (PIM) to be effective you would always need to "require approval" for each role. Is there any security benefit to PIM without using this feature? It w...
- Two advantages IMO:
- One access is JIT. Sure an attacker can activate the role, but it's an extra step to make the life of an attacker harder
- Auditing. With PIM you have an audit trail when and why a role was activated
It's security through obscurity and allows the implementer to check the "JIT" and "Privileged Access Management" boxes, without taking any responsibility what so ever. It is beyond stupid.
.... IMO.
.... IMO.