cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

What is the different between Azure PIM and Identity Governance

niazstinu
Brass Contributor

‎Sep 23 2022 12:08 AM

‎Sep 23 2022 12:08 AM

What is the different between Azure PIM and Identity Governance

As I can see both are doing the same, 

The main key is to delegate administrators and help desk a certain time to do a certain task. 

Still I find its more easier to tell the user to request access though myaccess.microsoft.com rather having them access AAD to request for access.

did I miss a point ?

3,058 Views
0 Likes
4 Replies
Reply
4 Replies
tommykneetz

‎Sep 23 2022 01:58 AM

‎Sep 23 2022 01:58 AM

Re: What is the different between Azure PIM and Identity Governance

with Identity Governance you get 3 features: 1. Access Packages, 2. Access Review, 3. PIM so pim is one part of ident-governance
0 Likes
Reply
Chandrasekhar_Arya

‎Sep 23 2022 03:37 AM

‎Sep 23 2022 03:37 AM

Re: What is the different between Azure PIM and Identity Governance

Identity governance is more focused on managing the lifecycle that include normal users or PIM rather PIM is focused on providing privilege's access . as an example you will use PIM to define users , access levels and JIT etc. and then you will use Identity governance to create access reviews maybe monthly or quarterly to make sure no user is having access which is don't need to have because he left the project or organization
0 Likes
Reply
niazstinu

‎Sep 24 2022 02:27 AM

‎Sep 24 2022 02:27 AM

Re: What is the different between Azure PIM and Identity Governance

@Chandrasekhar_Arya @tommykneetz 

Thanks for your response, but is it correct to do such an implementation for administration delegation, or do I need to do that through PIM and use Identity governance for access review only, or there is no best practice on which approach to use as long as it work!

0 Likes
Reply
Chandrasekhar_Arya

‎Sep 25 2022 10:28 PM

‎Sep 25 2022 10:28 PM

Re: What is the different between Azure PIM and Identity Governance

Yes you need to have owner/manager to certify and approve for all the Privilege's accounts and it doesn't matter weather it is a human or non-human account(service accounts) . It is always recommended to use identity governance and access reviews and re-certify all users at least one in every 90 days which is minimum recommended that most of the organization follow. This way you are establishing an accountability to make sure that only valid users are having access. If you don't use access reviews under identity governance then over a period of time your environment will be be uncontrolledly as it will be very difficult to certify if the users still need access
0 Likes
Reply