
PAM Checklist

Privileged access management lets in who you want, keeps out who you don’t

February 23, 2023

Privileged access management (PAM) limits who (and what) has access to your IT systems and data.

PAM is a comprehensive defense strategy to control, monitor and secure enterprise IT environments. And while people are often your greatest cybersecurity risk, PAM also involves determining access levels for processes and technology.

  • People: Humans are the weakest link in most IT security chains, so organizations have to train employees on good cyber hygiene practices. Many companies also use ethical simulations to test their defenses and reinforce training.
  • Processes: Organizations need to define who/what has access, to what systems, for what purposes and for how long. And they need to keep track of it. IT teams need an accurate inventory of credentialed users so they can monitor and prioritize security.
  • Technology: IT teams need help managing credentials, as well as detecting and responding to threats. Managed detection and response (MDR) tools use artificial intelligence and automation to scan for threats 24/7. Single sign-on and multifactor authentication are parts of the PAM toolkit, along with secure password vaults.
  • %

    of data breaches involve human error or misuse

  • 64.2

    of breaches involve access to a privileged account

PAM doesn’t have to be complicated. Simple cybersecurity measures are highly effective — as long as they’re implemented correctly.

Follow this checklist to implement PAM effectively:

1. Inventory privileged accounts

Keep track of all employees, vendors and machine entities that have privileged access.

2. Default to 'zero'

By default, access to all privileged systems should be restricted.

3. Define privilege

Establish clear criteria for granting privileged access, such as user roles or limited timeframes. 

4. Make privilege temporary

Revoke privileged access when roles change or access is no longer needed.

5. Limit sharing

Create individual accounts for users, rather than sharing credentials.

6. Train for security

Help employees understand why security practices are necessary and not just a burden. Use ethical tests to reinforce safe practices. 

7. Automate

Use automated tools to reinforce security standards and monitor activity 24/7.


How Wipfli can help

As part of a cybersecurity strategy, PAM can significantly lower the risk of cyberattack. Training, standardized security policies and rapid incident detection and response plans are the baseline of modern cyber hygiene.

Our cybersecurity team is ready to help secure your data through training, simulations, implementations and 24/7 monitoring.

  • Tom Wojcinski
    Tom thrives on ferreting out flaws in cybersecurity systems so he can help clients with their digital defenses and thwart hackers. His passion lies in going beyond cyber defense to playing offense — crafting strategies for resilience and recovery.
