When evaluating Privileged Identity Management, what aspect do you think is the most important to look for?


Let the community know what you think. Share your opinions now!

ITCS user
66 Answers

author avatar
Real User

First: Make sure it has all the functionality your company absolutely requires right out of the box. Waiting for "the next version" is not a game you want to play.
Second: Make sure that when your needs change in the future, the tool will still be a good choice and had the capability to grow with your scaling and increased functionality needs.
Third: Make sure it can integrate with world class Two Factor and Multi Factor Authentication Software Solutions, like those provided by SyferLock Technology Corporation. (Some bias :)
We are partial to Lieberman Software, Open IAM, and CyberArk depending on your needs.

author avatar

integration with IGA, GRC

author avatar
Top 20LeaderboardConsultant

Few key aspects I would look for in the PIM solution are,

1.Functionalities to achieve the defined scope, e.g. protect, control and monitor privileged accounts (Operating systems / Application / Database)
2.Availability of OOTB integration functionalities with other systems (SIEM / Monitoring Tools / 2 Factor Authentication)
3.Should provide high availability / failover to DR environment with no data loss.
4.Scalable components.
5.Easy to use GUI
6.Availability of OOTB connectors to manage password and sessions of devices.
7.Ability to establish concurrent sessions to the target devices with least amount of time.


author avatar

Question 1: do I need a on-premises or cloud solution ?
Question 2: is my project included or not non-classic-OS items ? - like router, switch, firewall, etc.
Question 3: do i need to get advanced and accurate reports ?
Question 4: is my project a compliance project or a security project ?
Question 5: is the shared admin account management is key in my project ?

Depending the answer, you will get the short list of potencial suppliers which fit with your needs.

author avatar

Speed and coverage. You need to change privileged passwords faster than attackers can exploit them. And, you need to change all privileged credentials across your entire network quickly - not just domain passwords but local admin passwords as well as passwords on routers, switches, etc. If you’re changing your passwords every 90 days and somebody breaks in on day one, how long will they have access to your environment with that credential? At least 90 days and that’s assuming that you can detect them. If you can’t detect them, they’ll be in there 90 days, 120 days, 200 days… years. So, find a solution that can change passwords as often as every couple of hours. That way, you're able to stop zero days in their tracks. Keep the bad guys out and prevent malicious insiders from having continuous access. Lieberman Software can help!

author avatar
Real User

Thanks for reaching out to me.

Some of the aspects are
- Richness in the functionalities that the tool provides.
- Support for basic functionalities like Password Vaulting, Passwod Checkout, Session Checkout, Session or Keystroke recording, Auto Discovery of the privileged accounts on the end points and privileged members
- Support for break glass and approval system
- Support for API based integration with applications
- Ease of integration with Identity Management systems
- Ease of integration with SIEM

These are some of the aspects I could think of at this moment. There could be many more.

Find out what your peers are saying about CyberArk, One Identity, Thycotic and others in Privileged Access Management (PAM). Updated: August 2021.
535,015 professionals have used our research since 2012.