IBM Security Privileged Identity Manager on developerWorks Blog

Announcing Two New White Papers for IBM Security Privileged Identity Manager

powers-old-account ‎ 1,508 Views

Ranjan Kumar has just posted two white papers to the Privileged Identity Manager Community on dW: :

IBM Security Privileged Identity Manager Scenarios White Paper:
This document provides various privileged and shared id scenarios and high level details of how they can be addressed using IBM solution
IBM Security Privileged Identity Manager Technical White Paper:
This document explains issues associated with privileged and shared id and provides technical details of the IBM Security Privileged Identity Manager

Announcing How To Guides on deploying common PIM scenarios

Ranjan_Kumar Tags: privileged_identity pim ispim ‎ 1 Comment ‎ 2,322 Views

Based on the customers' use cases of shared and privileged identities, we've collected a set of common use cases/scenarios (including some variations) and written some how to guides for each scenario. These scenarios are stand-alone but they can coexist. The how to guide uses a fictitious organization, JK Enterprises, which deploys PIM solution to simplify and streamline the access, compliance, management and governance of the privileged IDs.
This series of documents provide steps to deploy IBM Security Privileged Identity Manager solution, configure the system for each scenarios and a playbook to execute them.

Installation and configuration guide for Privileged Identity Manager Deployment

This document provides details on installing and configuring a PIM Server and a PIM Client with basic setup to get started on PIM deployment.

Scenario 1: Pool of delegated Admin or Help desk users accessing credential pool

This scenario describes how an enterprise, with many servers (either in server farms or heterogeneous servers) which is managed by a group of people (regular employees or contractors), can define a pool of privileged IDs and manage and track the access to these IDs by their system admins.

Scenario 2: Application Admins need Ad-hoc privileged access

Application Administrators usually have less privileges than System Administrator. This scenario describes how higher level privileges can be provided to application administrator when needed and how it can be controlled (through approval), tracked and audited.

Scenario 3: Admins need privileged access in case of emergency (break the glass situation)

Every organization is susceptible to unplanned absences. In such a case of emergency, another person needs to carry out the privileged tasks. This scenario describes how access to an emergency administrator can be assigned, how to track what the emergency admin did and how to (manually or automatically) remove the access.

Scenario 4: Applications or Cron jobs need access to shared privilege id

This scenario describes how an organization can write secure applications (including scripts and cron jobs) by eliminating the need to hard code a privileged ID and password and enabling them to check out a privileged ID when needed and check it in when done.

Scenario 5: Multiple Network Admins need to share a single superuser account to network device

Network devices like routers, firewalls, switches, etc. usually have only one administrator ID which is used by many network administrator. This scenario describes how to track which network admin used which id, for how long and how to periodically send password change reminder for these devices.

Feed for Blog Entries Feed for Blog Comments

Blogs