Skip to content

Implementation Phases

Implementing a Privileged Access Management (PAM) solution requires careful planning and execution to ensure a smooth deployment while minimizing disruptions to operations. Once you have gone through the requirements and pre-requisites – you can proceed with implementation.

You can make use of the suggested phases of implementation.

Phase 1: Planning, preparation and information gathering

During this phase the Securden technical team will discuss with the stakeholders to gather information regarding the various applications in scope. All the prerequisites will be identified and shared with the customer during this phase. Additionally, cybersecurity gaps that exist in the organization will be identified. Corrective measures will be suggested to the customer.

  • Establish project scope, objectives, and timelines.
  • Conduct a risk assessment and gap analysis.
  • Secure necessary budget and resources.

Phase 2: Implementation

During this phase, the Securden team will carry out the implementation of the product. Implementation of the Securden Server and configurations related to Unified PAM will be carried out.

Once the configurations are completed, the Securden team will work with individual application owners to assign the right set of access for various administrators, users, and teams.

Any other fine-tuning required will be covered during this Phase.

  • Design architecture and deployment model.
  • Develop policies and procedures for PAM implementation.
  • Deploy Unified PAM in a controlled environment.
  • Test functionality and user experience.
  • Gather feedback from pilot users.

The implementation phase will broadly cover the following activities:

It's important to note that the timeline may vary depending on the size and complexity of the organization types of IT assets, network segmentation, access patterns, Unified PAM requirements and the availability of resources.

The following represents a typical implementation schedule. Regular communication and collaboration between stakeholders, including IT teams, security teams, and business units, are essential throughout the deployment process to ensure alignment with business goals and successful implementation of the PAM solution.

Plan Details
Day
1,2
Kick-off Discussion - Discuss business and security requirements. Deployment plan timeline and the detailed steps involved. Identify success criteria and stakeholders for implementation.
Day
3,4,5
General Settings
Mail Server Settings
Proxy Server Settings
Securden Server Connectivity & Starting the PAM Server
User Onboarding
Integration with AD/Azure AD/LDAP for user provisioning and authentication
User Import Options
Add Users Manually
Assigning Roles to Users
Custom Roles
User Reports
User Groups
Import Groups Options
Group Settings
Basic Configurations
Integration with multiple AD domains / Azure AD
Integration with SAML 2.0 based Single Sign On Solutions
Multi Factor Authentication Setup
Day
6,7,8
Account Management
Automatic discovery of IT assets and privileged accounts
Importing Accounts - Flexible import options to build inventory
Secure, Centralized Repository of Accounts
Storing SSH keys, documents, files, images, digital identities
Organizing data as folders for bulk management
Optional personal vault within organization's vault
Manage Shared Admin Passwords
Granular Sharing and Controls
Secure sharing with third-parties
Option to allow access without showing the password
Periodically synchronizing assets and accounts
Windows service accounts and dependencies management
Password Management
Automated, periodic remote password resets
Self-supporting any SSH-enabled device for password resets
Password release control workflow for just-in-time access
Password policy creation and enforcement
Role based access controls
Remote Access and Session Management
Support for one-click remote session initiation - RDP, SSH, SQL, HTTPS etc.
Web-based remote connection launching
Remote connection through native tools for RDP, SSH, SQL
Session access without disclosing password
Session Recording, Playback, Live Remote Session Monitoring, Concurrency Controls
Custom connector for launching any application - Custom Application Launcher
Remote gateways to manage distributed networks
Application-to-Application Password Management
APIs for managing machine identities, application identities, secrets, keys
Eliminate embedded credentials on script files, applications
Privilege Elevation & Delegation
Remove admin rights across Windows endpoints, servers
Configure Applications and commands for privilege elevation
Elevate applications for standard users on-demand
Configure policy-based application control
Provision for granting temporary admin rights
Support for command filtering and controls on Unix
Technician Access - (/Third Party Access)
Day
9,10,11
Audit, Reports and Notifications
Explore comprehensive auditing & reporting
Searchable text-based audit trails
Filtering audit trails to create custom reports
User access and activity reports
Policy compliance reports
Password expiration reports
Micro reports for specific requirements
Breached passwords identification and notification
Password security analysis report
Provision to trigger automated follow-up actions upon events
Password event notifications (real-time and periodic)
Advanced Settings, High Availability, and Architecture
On-prem, private cloud deployments
Distributed server deployment architecture
Database backup for disaster recovery
High-availability
Option to use Always-on MS SQL clusters, Amazon Aurora
Best Practices, Security Hardening, Miscellaneous
Configure ticketing system integration
Configure cloud storage integration
Provision web-based access to end users
Enforce security settings and controls (IP restrictions, enabling/disabling access)
Provision for restricted access over the internet
Explore browser extensions
Cross-platform access
Mobile Apps
Secure offline access
Day
12
User Acceptance Testing
Day
13,14
Delivery and closure

Phase 3: Monitoring and troubleshooting

During this phase, Securden will familiarize the team with product components and their uses. The customer team will be walked through the architecture configured for the customer. We will also explain various use cases, day-to-day handling, best practices approach, and troubleshooting tips. The training will be delivered in person and cost estimates have been provided as part of the commercial proposal.

  • Implement monitoring and reporting mechanisms.
  • Monitor Unified PAM for performance and security issues.
  • Conduct regular audits and reviews with users.
  • Track all issues and gather troubleshooting material
  • Continuously update policies and procedures based on lessons learned.

Phase 4: Project Closure, Documentation

The project closing phase will involve gathering insights, checking implementation success based on the success criteria defined, handing over the project and gathering documentation.

  • Gather security insights based on audits
  • Deployment architecture and configuration documents
  • Collect product guides and manuals

With all phases of implementation complete, you can track your progress and inform the executives of the program's success. While implementation is complete with these four phases, it is important to review your PAM objectives, and keep in touch with the Securden team to align with future goals.

When set up well, Uni ed PAM provides holistic access security for all your sensitive data and IT assets. It regulates privileged access, protects sensitive accounts, automates repetitive tasks and best practices, enforces policies and controls, safeguards your infrastructure from internal/external threats, and mitigates security risks. All while keeping operational efficiency high.

Note: You may refer to the PAM Admin Guide to know about the product configurations, troubleshooting steps, and other features to start working on the solution.