Health-ISAC has released Privileged Access Management: A Guide for Healthcare CISOs, the ninth whitepaper in the ongoing series for CISOs on Identity & Access Management (IAM).
IAM systems manage the virtual front door for healthcare organizations. On one side, you have the employees, caregivers, and others who need access to a range of applications to do their jobs. On the other side, you have patients who are using different portals and applications to reach out to physicians, request medications, and make appointments. But there is also a third side to this identity triangle: Privileged Access Management (PAM).
While enabling secure and simple access to systems is a goal of identity and access management for the workforce and patients, PAM purposely adds friction to the process to ensure the greatest possible security. Information and resources protected by PAM are an organization’s most critical resources. A separate, higher security system is necessary for these systems as unauthorized access could mean exfiltration of critical data and compromise of networks and applications. To put it simply, the compromise of privileged accounts would be devastating to a healthcare organization.
Key Takeaways
How PAM is different from an organization’s other identity and access management systems.
Where PAM fits into the Health-ISAC framework for Managing Identities.
How PAM can help secure the most critical workflows for healthcare organizations.
The challenges that can arise with PAM systems for healthcare organizations.
