{
    "version" : "https://jsonfeed.org/version/1",
    "content" : "news",
    "type" : "single",
    "title" : "The Privileged Identity Playbook Guides Management of Privileged User Accounts | Digital.gov",
    "description": "The Privileged Identity Playbook Guides Management of Privileged User Accounts",
    "home_page_url" : "/preview/gsa/digitalgov.gov/cm-topics-button-component/","feed_url" : "/preview/gsa/digitalgov.gov/cm-topics-button-component/2022/11/10/the-privileged-identity-playbook-guides-management-of-privileged-user-accounts/index.json","item" : [
    {"kicker" : "Identity, Credential, and Access Management","title" :"The Privileged Identity Playbook Guides Management of Privileged User Accounts","deck" : "Securing and Protecting Federal Information Systems","summary" : "The Privileged Identity Playbook is a practical guide to help federal agencies implement and manage a privileged user management function as part of an overall agency ICAM program.","date" : "2022-11-10T10:28:00-05:00","date_modified" : "2024-04-02T09:45:13-04:00","authors" : {"kenneth-myers" : "Kenneth Myers"},"topics" : {
        
            "privacy" : "Privacy",
            "security" : "Security"
            },"primary_image" : { "uid" : "cyber-security-and-privacy-golden-sikorka-istock-getty-images-1358866874", "alt" :
  "Illustrated graphic with a cyber security and privacy theme features a laptop, cell phone, password field, security lock, key, cloud, and other elements.", "width" :
  "1200", "height" :
  "628", "credit" :
  "", "caption" :
  "Golden Sikorka, iStock, Getty Images", "format" :
  "png" },"branch" : "cm-topics-button-component",
      "filename" :"2022-11-10-the-privileged-identity-playbook-guides-management-of-privileged-user-accounts.md",
      
      "filepath" :"news/2022/11/2022-11-10-the-privileged-identity-playbook-guides-management-of-privileged-user-accounts.md",
      "filepathURL" :"https://github.com/GSA/digitalgov.gov/blob/cm-topics-button-component/content/news/2022/11/2022-11-10-the-privileged-identity-playbook-guides-management-of-privileged-user-accounts.md",
      "editpathURL" :"https://github.com/GSA/digitalgov.gov/edit/cm-topics-button-component/content/news/2022/11/2022-11-10-the-privileged-identity-playbook-guides-management-of-privileged-user-accounts.md","slug" : "the-privileged-identity-playbook-guides-management-of-privileged-user-accounts","url" : "/preview/gsa/digitalgov.gov/cm-topics-button-component/2022/11/10/the-privileged-identity-playbook-guides-management-of-privileged-user-accounts/","weight" : "1","content" :"\u003cp\u003eInformation systems are the backbone of federal websites and digital services. Our customers expect our services to be secure and trustworthy, and we need to manage this infrastructure to meet their expectations. A key part of this work is managing privileged users’ accounts.\u003c/p\u003e\n\u003cp\u003ePrivileged users perform various security-related duties that make them targets for cybercriminals or malicious insiders. The misuse or compromise of privileged user accounts has resulted in the most high-profile federal and private security breaches. Therefore, it is critical for federal agencies to identify privileged users and protect their access to high-value assets.\u003c/p\u003e\n\u003cp\u003eThe General Services Administration’s (GSA) Identity, Credential, and Access Management (ICAM) team has created the \u003ca href=\"https://playbooks.idmanagement.gov/playbooks/pam/\"\u003ePrivileged Identity Playbook\u003c/a\u003e as a practical guide to help federal agencies manage their privileged user accounts as part of an overall agency ICAM program. 
Managing privileged user accounts actively decreases the cyber risk to your agency\u0026rsquo;s mission.\u003c/p\u003e\n\u003cp\u003eThe three main ways to identify a privileged account or user are:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003e\u003cstrong\u003eAdministrators\u003c/strong\u003e with access to manage IT infrastructure, resources of high-value assets, and core systems, such as maintenance activities on human resource applications or databases.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHelp desk personnel\u003c/strong\u003e with elevated privileges to perform security-relevant processes, such as installing software on user laptops or changing endpoint configuration settings.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eManagers\u003c/strong\u003e who approve or recertify access or accounts.\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eYou should manage privileged users as distinct and separate identities to decrease the risk to your agency’s missions if they’re compromised. Without the proper management of privileged users and accounts, your agency’s cybersecurity risks can increase. For example, employees and contractors with privileged access can:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eJeopardize sensitive information or infrastructure, knowingly or unknowingly.\u003c/li\u003e\n\u003cli\u003eCompromise the three core elements of information security: availability, confidentiality, and integrity.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eYour agency can use the \u003ca href=\"https://playbooks.idmanagement.gov/playbooks/pam/\"\u003ePrivileged Identity Playbook\u003c/a\u003e to manage privileged users following governmentwide best practices. 
The playbook includes a four-step process aligned with the \u003ca href=\"https://playbooks.idmanagement.gov/arch/\"\u003eFederal Identity, Credential, and Access Management Architecture\u003c/a\u003e (FICAM), designed for insider threat, identity management, and risk management professionals interested in mitigating privileged user risk. For risk management professionals, the playbook also includes a \u003ca href=\"https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final\"\u003eNIST 800-53 revision 5\u003c/a\u003e privileged user control overlay. We also encourage agencies and other IT program participants, such as cybersecurity program managers, to tailor this playbook to fit their unique organizational structure, mission, and technical requirements.\u003c/p\u003e\n\u003cp\u003eThe Privileged Identity Playbook supplements existing federal IT policies and builds on the Office of Management and Budget Memorandum (OMB) \u003ca href=\"https://www.whitehouse.gov/wp-content/uploads/2019/05/M-19-17.pdf\"\u003eMemo 19-17 - Enabling Mission Delivery through Improved Identity, Credential, and Access Management (PDF, 1 MB, 13 pages)\u003c/a\u003e and OMB \u003ca href=\"https://zerotrust.cyber.gov/federal-zero-trust-strategy/\"\u003eMemo 22-09 - Federal Zero Trust Strategy\u003c/a\u003e, as well as existing federal identity guidance and playbooks.\u003c/p\u003e\n\n\n\n\u003carticle\n  class=\"dg-note \"\n\u003e\n  \u003ch4 class=\"dg-note__heading\"\u003e\n    \u003csvg\n      class=\"dg-note__icon usa-icon dg-icon dg-icon--large\"\n      aria-hidden=\"true\"\n      focusable=\"false\"\n    \u003e\n      \u003cuse xlink:href=\"/preview/gsa/digitalgov.gov/cm-topics-button-component/uswds/img/sprite.svg#notifications\"\u003e\u003c/use\u003e\n    \u003c/svg\u003e\n    \n      Note\n    \n  \u003c/h4\u003e\n  To connect with others in our field, join the Federal CIO Council’s \u003ca href=\"https://www.idmanagement.gov/governance/ficam/\"\u003eIdentity, Credential, and 
Access Management Subcommittee\u003c/a\u003e. Visit the \u003ca href=\"https://www.idmanagement.gov/\"\u003eIDManagement.gov\u003c/a\u003e website to explore its resources for vendors, acquisition professionals, and vendors.\n\u003c/article\u003e\n\n"}
  ]
}
