Is PAM (or PIM or PUM) moving into Provisioning?

These days I have been talking with Siemens on enhancements for their DirX Identity product, a provisioning tool (and, by the way, a pretty good one). Amongst the new features is some support for Privileged Account Management (PAM). That's interesting. I've blogged some time ago about the possibility of provisioning vendors starting to acquire PAM vendors and adding these capabilities to their provisioning products.

Siemens didn't acquire but implemented some own technology. They mainly focus on providing one-time passwords for the use of privileged accounts and re-setting these passwords after use. This is combined with strong authentication, using smartcards. In fact it is sort of a mix between product (resetting passwords and all that stuff) and project (adding strong authentication using other products). But finally they became a pioneer in integrating PAM with provisioning.

There is no doubt that the leading PAM suites like the ones provided by Cyber-Ark or Lieberman Software provide a much broader feature set. However, integrating that with provisioning tools, identity lifecycles, and existing (self) service interfaces is a valid approach. I expect other vendors to follow, adding PAM support as well. However, the specialists will provide a more sophisticated solution at least for a pretty long period of time (unless they become acquired...).

But what Siemens has done proves my thesis on PAM moving into provisioning, servicing the specific requirements of customers. And it proves that PAM is moving from a niche topic towards a mainstream technology in the broader IAM market.

Regarding the term PAM (or PIM or PUM): I prefer Privileged Account Management because it is about accounts which are associated to a person and their digital identity. The user is sometimes associated with an account, sometimes more understood as a construct in between, e.g. a user-ID with some accounts associated and sometimes the situation that some person with one digital identity could have multiple user-IDs. For what is managed, PAM seems to be the most appropriate term, from my point of view.


Discover KuppingerCole

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Stay Connected

Blog

Spotlight

AI for the Future of your Business Learn more

AI for the Future of your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]

Latest Insights

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00