This document lists and describes several types of privileged accounts commonly found in organizations, including local and domain administrative accounts, break glass accounts, service accounts, Active Directory accounts, and application accounts. It notes that privileged accounts are increasingly associated with machine rather than human identities due to automated workflows, adding security complexity.
This document lists and describes several types of privileged accounts commonly found in organizations, including local and domain administrative accounts, break glass accounts, service accounts, Active Directory accounts, and application accounts. It notes that privileged accounts are increasingly associated with machine rather than human identities due to automated workflows, adding security complexity.
This document lists and describes several types of privileged accounts commonly found in organizations, including local and domain administrative accounts, break glass accounts, service accounts, Active Directory accounts, and application accounts. It notes that privileged accounts are increasingly associated with machine rather than human identities due to automated workflows, adding security complexity.
Examples of privileged accounts typically in an organization:
Local administrative accounts: Non-personal accounts providing
administrative access to the local host or instance only. Domain administrative accounts: Privileged administrative access across all workstations and servers within the domain. Break glass (also called emergency or firecall) accounts: Unprivileged users with administrative access to secure systems in the case of an emergency. Service account: Privileged local or domain accounts that are used by an application or service to interact with the operating system. Active Directory or domain service accounts: Enable password changes to accounts, etc. Application accounts: Used by applications to access databases, run batch jobs or scripts, or provide access to other applications.
Increasingly, privileged accounts are associated with a machine identity,
rather than a human one. The proliferation of machine accounts, such in RPA and other automated workflows, adds significant security complexity to IT environments and provides an important use case for PAM systems.