Azure AD Privileged Identity Management

Privileged Identity Management (PIM) is a service in Azure Active Directory (Azure AD) that enables you to manage, control, and monitor access to important resources in your organization. These include resources in Azure AD, Azure, Exchange Administrator, SharePoint and other Microsoft Online Services such as Microsoft 365 or Microsoft Intune.

By implementing Azure AD Privileged Identity Management, organizations can protect their resources with improved security features and monitor what legitimate administrators are doing.


Reasons to use

Organizations want to minimize the number of people who have access to secure information or resources, because that reduces the chance of:

  • a malicious actor getting access
  • an authorized user inadvertently impacting a sensitive resource

However, users still need to carry out privileged operations in Azure AD, Azure, Microsoft 365, or SaaS apps. Organizations can give users just-in-time privileged access to Azure and Azure AD resources and can oversee what those users are doing with their privileged access.