With PAM, your organization can control access to remote desktop sessions to any inventoried computersis able to secure Windows and Linux servers by vaulting the credentials needed to access those machines. These credentials can be usernames and passwords for specific computer accounts on Windows servers or SSH keys for Linux servers. If you need to access a particular machine computer to perform a task on that machine, you request a "check-out" of the vaulted credentials needed for a specific account on that machine. If approved, you initiate your remote desktop session using Privileged Session Manager (PSM). PSM that computer. When you request a check-out, your request is sent to an administrator for approval. If your request is approved, you access the machine directly from EmpowerID via Privileged Session Manager, which is an application that is embedded in your browser. When you initiate a remote desktop session, PSM opens the session in your browser using the credentials associated with an account on that machine.
...
PSM launches, you are automatically logged in to the machine and granted access to perform the tasks authorized by the credentials you checked-out. In this way, you gain access to the machine without seeing or knowing the credentials used to access it. This protects both yourself and your organization in that
...
those credentials can never be compromised.