A Privileged Access Workstation (PAW) is a computer provisioned by the Information Security Office (ISO) to provide a dedicated computing environment for sensitive tasks that is protected from Internet attacks and other threat vectors.
A PAW separates these sensitive tasks and accounts from non-administrative computer use, such as email and web browsing.
A PAW has the following characteristics:
- Dedicated hardened systems that provide high security assurance for sensitive accounts and tasks
- Built on trusted hardware with clean source media, instrumented and monitored for full visibility
- Includes expedited and automated patching of security updates to ensure system security
A PAW provides increased security for IT administrators working with High Risk servers and applications. This includes, but is not limited to, Active Directory and administrative access to databases, web servers, and application servers bearing High Risk Data. It is part of the Minimum Security Standards for High Risk systems.
The Information Security Office maintains a pool of almost fully configured PAW systems for rapid deployment. To get started, request a PAW. ISO will contact you to arrange a hardware hand-off and configuration of the necessary credentials for its use.
For IT professionals
- Privileged Access Workstation (PAW) Frequently Asked Questions
- Configuring Firewalls for Privileged Access Workstations
- Using a Privileged Access Workstation (PAW)
- Privileged Access Workstation Software Load