Portal
Forum
Devolutions Force
Hub Business
Hub Personal
Devolutions Send
Devolutions Academy
RDM
Workspace
Launcher
The world of IT moves fast — not only through innovation, but also (and especially) when crises hit. In these critical moments, your priority as an IT professional is to swiftly minimize disruptions for both your business and end users. However, while the principle of least privilege has long been considered a best practice, it often comes with trade-offs in efficiency, and many privileged access management solutions fall short of offering the agility needed in critical scenarios.
At Devolutions, we believe in empowering users to achieve both efficiency and security as they defend their organizations' essential resources. Our privileged access management (PAM) solution, Devolutions PAM, turns this vision into reality by helping you protect essential resources without hindering your workflow.
Our most recent updates reflect this commitment to efficiency, particularly with features like automatic privileged account check-in, designed to keep your PAM operations as seamless as they are secure.
Understanding Devolutions PAM
Privileged accounts exist everywhere in organizations: rounding them up is no simple task. Devolutions PAM simplifies this daunting process by offering features like discovery, heartbeat, password reset, and password propagation to help you establish positive control over these privileged accounts.
Built as an easy-to-add module within both the self-hosted Devolutions Server (DVLS) and cloud-hosted Devolutions Hub Business advanced data sources, Devolutions PAM seamlessly integrates with Devolutions Remote Desktop Manager (RDM) and Devolutions Launcher to create a unified privileged access management workflow. For example, with Devolutions PAM, you can launch a PAM-credential-connected session directly in RDM with optional approval and just-in-time (JIT) credential elevation, and upon session completion, the privileged account's password can be automatically rotated and propagated to systems downstream.
Solving the session choice
When troubleshooting, you may need to access a single endpoint or multiple endpoints depending on the nature of the problem. Devolutions PAM offers you two options for this:
- Check out a PAM credential for a specific time frame, usable for multiple sessions until checked back in;
- Check out a PAM credential for a single session with a user-configurable automatic check-in upon closing the session.
This flexibility lets you either keep a session open for an extended troubleshooting session or limit the amount of time a credential can access a given password.
This choice becomes even more critical when considering zero-standing privileges. Imagine this: you might have configured your PAM credential to have no access (not belonging to any Active Directory groups, for instance) while not in use. By using Devolutions PAM just-in-time (JIT) elevation, required groups are added upon check-out, enabling you to go about your work. At check-in, the groups are automatically removed, and the password is rotated, keeping standing permissions to a bare minimum. With automatic check-in upon the session close, the permissions remain on an account for the least amount of time necessary.
Discovering automatic PAM credential check-ins
How does this play out in a real-world scenario? In the video below, an RDM user opens a PAM credential connected to the session. Because the preferences are set to automatically check in the session upon closing, the password is rotated seamlessly, and changes propagate to any systems downstream.
Staying efficient with your tools is crucial to streamlining your IT responsibilities and accelerating problem-solving. Devolutions PAM is designed with IT professionals in mind, providing the tools to maximize efficiency with minimal friction.
Ensuring efficiency with Devolutions PAM
Devolutions PAM is great for both small businesses and larger enterprises that need an efficient privileged access management solution. The Devolutions ecosystem empowers IT professionals to resolve problems quickly and work with maximum efficiency. Privileged access management shouldn’t slow you down — and with Devolutions PAM, it doesn’t. Let us help you make your IT operations easier!
