Security to require that DVLS admins need approval to access passwords in PAM accounts that are not their own
Security to require that DVLS admins need approval to access passwords in PAM accounts that are not their own
0 vote
Please consider additional security for PAM accounts that will not allow DVLS admins to see the passwords on PAM accounts without some workflow approval, much like the PAM approval process. Our PAM users and our Security team would like to see additional security on these privileged accounts. PAM reporting of any access requests would be an additional feature to assist in audits.
All Comments (1)
Hello,
Thank you for your request. It is already possible today to configure a PAM approal process on an account. You can configure it in a way that the user will not be able to approve his own request. So even administrator will require somebody else to approve it. Would it work for your use case ?
And for your other request asking for PAM reporting of any access requests, could you elaborate more on that ? We have a report "Privileged access - Recent activities" that will list you all requests asked on an account. Is it what you are looking for ?
Best regards,
François Dubois