Better control over privileges has created a new acronym, JIT (just in time), that takes residence in front of the PAM acronym. The concept of JIT PAM, which is being promoted by security vendors such as Beyond Trust, is one of controlling access based upon a number of different policies that are further enhanced with behavioral data.
At the recent Beyond Trust partner summit, cybersecurity expert Derek Smith noted, “Privileged credentials exist everywhere and 100% of all advanced attacks rely on exploits of privileged credentials.” That’s a sobering thought for those in charge of cybersecurity and those who are part of the DevSecOps process. Smith said some of the best practices around PAM include, “Track and secure, govern and control, and record and audit,” exemplifying the need for a platform approach. For Beyond Trust, that means creating a platform that defines a new paradigm of trust, one that builds policy around the who, what, why, where, when of access