Read as

Why this module exists. Privileged Access Management is the practitioner programme for the small set of high-privilege accounts whose compromise = enterprise compromise. PAM products (CyberArk, BeyondTrust, Delinea, HashiCorp Boundary) provide vaulting, session recording, JIT access. This module covers the architecture and operational discipline.

What privileged accounts cover

Domain Admin / Enterprise Admin (Windows AD).
Root / sudo on Linux servers.
Database admin (DBA) for production databases.
Cloud root accounts and cloud admin IAM roles.
Network device admin (firewall, switch, router).
SaaS admin accounts (Okta admin, Workspace super-admin).
Application admin accounts (Veeam, vCenter, etc.).

Inventory these. The list is usually 10-30× larger than the security team expects.

DPDP Act in your stack?

Get a DPDP gap assessment

Free 30-minute call. We map your data flows against DPDP §8 obligations and tell you exactly which gaps to fix first. Auditor-defensible output.

Book DPDP scoping call Replies in 4 working hrs · India-only · Senior consultants

Module 6 · Privileged Access Management — PAM Architecture and Operations

What privileged accounts cover

Get a DPDP gap assessment

Other modules in this track

Identity and Access Management Programme

Privileged Access Management

Federation — SAML, OIDC, SCIM in Production