Azure Privileged Access Management (PAM) is an identity security system that helps organizations protect themselves against cyber risks by monitoring, detecting, and preventing unwanted privileged access to important resources in the cloud. Azure provides diverse tooling to identify acceptable levels of security controls consistent with company Identity and Access Management policies. Two specific Azure PAM solutions are Bastion and PIM. Azure Bastion is a hardened "jump box" that allows users to connect to virtual machines using a browser or native SSH/RDP client, reducing the attack surface by enabling VM management port access in real time through an access request workflow. PIM is a service in Azure Active Directory that allows teams to manage, control, and monitor access to critical organizational resources, including Azure AD and Azure resources, with policy-driven objectives such as allowing only-when-needed privileged access and enforcing multi-factor authentication. Both solutions require additional costs and licensing requirements, with Azure Bastion pricing starting at $0.19 per hour and PIM requiring Azure Active Directory Premium P2 licenses.