©2020 SecureLink. All rights reserved.
Why Privileged Access Management (PAM) is not the ideal solution for managing vendors
October 08, 2018//Ellen Neveux
Last Updated: November 19, 2020PAM solutions provide robust capabilities for securing privileged access and sessions but revolve around knowing and managing the identity of individual users within your directory service. This is a great option for managing employees or permanent contractors, but not vendors or third-party users since it introduces both security and efficiency challenges.
Vendor users come and go and the privileges a vendor user needs one week may not be needed the next. Trying to manage the carousel of transient vendor users can make IT teams’ heads spin and leave holes in your network security.
Don’t give your vendors network credentials or try to manage them. Only give them limited, non-network access to what they need to get their job done. Alone, PAM isn’t the right choice to manage vendors, but when it teams up with secure remote access designed specifically for vendor users, it offers a robust solution and efficient platform.
Integrating PAM with secure remote access
PAM and secure remote access work together to automate your vendor provisioning/de-provisioning, provide secure remote access, all while allowing you to take advantage of the advanced credential security and fine-grained access management that comes with the leading PAM solutions.
Capability | Typical PAM Implementation | SecureLink | Integrated SecureLink and PAM Solution |
| Allows access for vendors without providing network credentials | No | Yes | Yes |
| Provides multi-factor authentication of vendor users without another tool to be implemented with your vendor users | No | Yes | Yes |
| Automates the vendor and vendor user management process | No | Yes | Yes |
| Validates employment status of vendor users | No | Yes | Yes |
| Audits and records privileged sessions | Yes | Yes | Yes |
| Provides granular access controls and scheduling | Yes | Yes | Yes |
| Manages, rotates and injects privileged credentials securely | Yes | Limited | Yes |
| Provides granular command filtering and canned scripts/commands | Yes | No | Yes |
Best practices
Whether you already have a PAM solution and are looking to provide additional security and efficiency around your vendor management program, or are simply tired of using insecure and burdensome access methods such as desktop sharing or VPN, add secure remote access and PAM together to make your privileged vendor access struggle a problem of the past.
