“Always-on” privileged accounts have long reigned as the default mode for administrative access. Today, these powerful, always-on accounts proliferate across enterprises. This means that the privileged access, rights, and permissions are always in an active mode and ready to be exercised—for legitimate activities as well as for illicit ones.
And this massive risk surface is rapidly expanding alongside the growing use of virtual, cloud, and DevOps environments, internet of things (IoT) devices, as well as in emerging areas, such as robotic process automation (RPA). Of course, cyber threat actors are wise to what is essentially the over-provisioning of privileges via the always-on model.
Just-in-time (JIT) privileged access management (PAM) can help drastically condense the privileged threat surface and reduce risk enterprise-wide. Implementing JIT PAM can ensure that identities only have the appropriate privileges when necessary, and for the least time necessary. This process can be entirely automated so that it is frictionless and invisible to the end user.
BeyondTrust's PAM platform supports the just-in-time model by enabling the centralized management of privileged credentials and sessions, privilege elevation/delegation across endpoints, and remote access with a wide variety of triggers.