Privileged Access Management

Project Overview

Privileged Access Management (PAM) refers to a comprehensive cybersecurity strategy designed to control, monitor, secure, and audit all human and non-human privileged identities and activities across an enterprise IT environment in an effort to protect and record use of systems administrator accounts. It involves people, processes, and technology.

Privileged access allows organizations to secure their infrastructure and applications, run business efficiently, and maintain the confidentiality of sensitive data and critical infrastructure core.

Generally speaking, there are three main objectives for managing privileged access:

  • To comply with regulations and security frameworks by addressing their requirements.
  • To protect the organization by ensuring that the threat of privileged access abuse and misuse is mitigated.
  • To enable the business to run faster by streamlining the assignment and delegation of the minimum privileged access required to individuals within the organization.
PAM Project Milestones

What does this mean for WashU?

Server administrators: For WashU IT managed servers, administration and remote connections will move to a new secondary account that will be sent to individual users. Soon after, the WUSTL Key will no longer be used for server administrator access.

Former PMGuard users: WashU IT will migrate its Identity Access Management (IAM) security tool from PMGuard to CyberArk and retire PMGuard once the migration is complete.

  • The migration will occur at folder-access level, and account access will not be migrated. Users with current account access that are not given folder access by April 7 will lose access to objects and will have to request access again after the migration.
  • Instructions for how to add team members to folders in PM Guard (Word) are available.

CyberArk

CyberArk is a leader in privileged access solutions. CyberArk patented vault technology over 22 years ago and offers a wide variety of credentials management with flexible automatic password rotation. The University has established the use of CyberArk as another security layer to maintain security and confidentiality on University systems. 

CyberArk Video Tutorials

CyberArk FAQ

For any other questions, contact the project team.