Privileged Account and Session Management (PASM)


What is Privileged Account and Session Management?

Privileged Account and Session Management (PASM) solutions are a class of privileged access management (PAM) solutions that grant users temporary admin access to privileged corporate environments on an “all-or-nothing” basis. PASM solutions that help manage, control and monitor privileged accounts are part of an organization's risk management and cybersecurity strategy.

In 2017, analysts at Gartner divided the PAM market into two primary solution groups: Privileged Account and Session Management (PASM) and Privilege Elevation and Delegation Management (PEDM).

How PASM works

PASM solutions typically access to privileged accounts via password vaulting, password rotation or password creation. Some PASM tools manage cryptographic keys and offer application-to-application password management.

Once users request access from the vault, they may be given a temporary account with administrative privileges. PASM solutions typically have the ability to monitor and record what occurs during that session. Once the session is finished, that recording is logged and used for compliance and auditing purposes.