The utilization of “always-on” privileged accounts has been the default mode for administrative access for the last 40 years. However, always-on access presents a massive risk surface as it means the privileged access, rights, and permissions are always active and ready to be exercised - for legitimate activities as well as for illicit ones. And this risk surface is rapidly expanding alongside the growing use of virtual, cloud, and DevOps environments and internet of things (IoT) devices. Of course, cyber threat actors are wise to what is essentially the over-provisioning of privileges via the always-on model.
Just-in-time (JIT) privileged access management (PAM) can help drastically condense the privileged threat surface and reduce risk enterprise-wide. This white paper includes an overview of JIT privilege management, provides tips on a practical model for achieving it, outlines parameters to build your JIT policy, and offers a glossary of key concepts and terminology.