The Ministry of Health and Social Protection has announced the launch of an international call for proposals to select a technology provider for the development of a Privileged Access Management (PAM) system. This initiative aims to enhance the protection of its sensitive digital systems, with an estimated budget of 4.57 million dirhams, including fees.
According to the specifications, this project is part of the ministry’s efforts to modernize its cybersecurity infrastructure and secure its data, both at its central headquarters and at the national data center (Maroc Datacenter) located in Temara, which hosts several information systems specific to healthcare institutions.
The new system aims to establish a comprehensive mechanism for monitoring and managing access to sensitive systems, including session tracking and controlling user permissions, whether from within the ministry or from external service providers. It also allows for secure password storage and continuous auditing of access operations to ensure the highest levels of transparency and accountability.
The specifications require the system to accommodate at least 150 concurrent users and to be scalable in the future without restrictions on the number of devices or IP addresses. It will be installed on two separate infrastructures: one within the ministry and the other at the national data center, ensuring complete independence of local user permissions from service providers.
Additionally, the technical solution must feature “high availability” (HA) and adopt an “agent-less” architecture, with advanced functionalities that include video session recording, password management, SSH key management, detailed activity monitoring, as well as automatic archiving and the generation of custom reports for relevant authorities.
The ministry is obligated under the contract to train the technical staff of the Information Systems Department, either through official training courses or through knowledge transfer during the project implementation, in addition to providing technical support and maintenance for three years post-installation.
This project is expected to be a significant leap forward in information security within the health sector, given the increasing cyber threats targeting critical infrastructure. It reflects the ministry’s commitment to enhancing digital trust, ensuring the continuity of healthcare services, and safeguarding citizens’ data.
