What Is Privileged Account and Session Management (PASM)?

Privileged Account and Session Management (PASM) is a new PAM (Privileged Access Management) that focuses on privileged account monitoring and management for compliance, security, and data integrity purposes. Whereas PAM covers user account, on rights escalation demands, PASM and PEDM (Privilege Elevation and Delegation Management), its counterpart, covers those accounts that, by design, run on elevated privileges – administrative, system, and operational accounts. In this article, I’ll be covering PASM, the first step in building a functional privileged account monitoring & management infrastructure.

From PAM to PASM and PEDM

PASM is the answer to the life-long question: “who watches the watchers?”. Privileged accounts are vital cogs in a company’s digital ecosystem, ensuring e-business continuity, operational readiness, and, most importantly safeguarding assets and resources against insider threats and malicious actors. Undoubtedly, the term itself has caused some degree of confusion, often being mistaken with P.A.M (Privileged Access Management).

Indeed, PASM and PAM are two sides of the same coin (i.e. rights curation and access control), but not entirely the same. I have already mentioned the fact that PASM applies to privileged accounts, while PAM to ‘underprivileged’ accounts (non-administrative accounts). Now, in defining Privileged Accounts and Session Management, we first need to

Read More: https://heimdalsecurity.com/blog/privileged-account-and-session-management/