Why PIM in my Organization?

Ever logged into a workstation, seen your own login name (such as "John_Doe") and wondered why there is also a login option for "Administrator"? The answer: "Administrator" is a Privileged User, a powerful, pre-built account that can only be accessed with Privileged Passwords.

In addition to these pre-built administrative accounts, there are also application accounts, found in scripts, configuration files and application databases, which allow systems to have Privileged Access to an organization's most sensitive information.

Together, these administrative or application accounts pose a variety of threats. They are:

  • Extremely powerful, allowing a user to log on anonymously and have complete control of the target system and full access to all of the information on that system
  • Found on virtually every piece of hardware, software and application within an organization, including virtualized environments
  • Numerous; the average enterprise has hundreds of thousands of Privileged Identities, Accounts and Passwords
  • Shared, which means that the system does not track WHO logged in as an Administrator, merely that a login occurred
  • Nearly impossible to disable, unlike a personal identity such as JDoe
  • Addressed by regulations such as Sarbanes-Oxley 404, PCI and Basel II, which require, at a minimum, that companies prove exactly who logs in to sensitive systems
  • Time-consuming and costly to manually update