Privileged Account Management in IdentityIQ

 

Note: You must have the SailPoint™ Lifecycle Manager installed to use the Privileged Account Management Module effectively.

The SailPoint IdentityIQ Privileged Account Management (PAM) Module extends identity governance processes and controls to highly privileged access, enabling you to centrally manage access to privileged and non-privileged accounts. It gives you a complete and centralized view of your PAM containers, including which individuals and groups have access to each container, and what privileged items each container holds. It also automates governance controls, enabling you to securely manage access to PAM containers.

IdentityIQ is not a PAM solution per se and does not provide the same features a PAM solution does; rather, the IdentityIQ PAM module integrates with market-leading PAM solution providers (such as Thycotic, Leiberman, CyberArk, and BeyondTrust) to provide governance features that the PAM solutions themselves do not offer. While the native PAM solution determines what is in a container, and IdentityIQ PAM module governs who has access to a container, and what permissions they have in it

The SailPoint IdentityIQ Privileged Account Management Module gives you:

Complete visibility and governance over privileged accounts

By extending identity governance to privileged accounts, enterprises get a 360-degree view over all access, especially high-risk identities with privileged access.

Simplified and centralized administration

With the Privileged Account Management Module, IdentityIQ can serve as a central platform to govern access to both privileged and non-privileged accounts according to established policies. This prevents overprovisioning and limits the risk of providing access to highly privileged accounts to unauthorized users. It also speeds the delivery of privileged access based on user role or lifecycle event changes.

Integration with multiple 3rd-party PAM solutions at once

The IdentityIQ Privileged Account Management Module enables you to deploy multiple instances and integrate with multiple PAM vendors at the same time. The IdentityIQ Privileged Account Management Module provides an open, standards–based integration framework (SCIM) that supports any third-party solution.