Sectona Logo
  • Platform

    Sectona Security Platform

    Sectona Security Platform Thumbnail
    Explore Platform

    Products

    Privileged Access Management Icon

    Privileged Access Management
    Manage Passwords, Secrets & Monitor Sessions

    Endpoint Privilege Management Icon

    Endpoint Privilege Management
    Control and Secure Administrators Credentials

    Privileged Access Governance Icon

    Privileged Access Governance
    Govern Privileged Entitlement

    Platform Capabilities

    Continuous Discovery Icon

    Continuous Discovery

    Password Management Icon

    Password Management

    Secure Remote Access Icon

    Secure Remote Access

    Session Recording and Threat Analytics Icon

    Session Recording and Threat Analytics

    Multi-Factor Authentication Icon

    Multi-Factor Authentication

    Just-in-time Access Icon

    Just-in-Time Access

    Privileged Task Management Icon

    Privileged Task Management

    Account Lifecycle Management Icon

    Account Lifecycle Management

  • Solutions
    Accelerating Privilege Management Thumbnail

    Accelerating Privilege Management Transformation

    Read Whitepaper
    By Use Case Icon

    BY USE-CASES

    Secure Remote Privileged access

    Remove Administrator Rights

    Secure Cloud Environments

    Automate Entitlement Reviews

    Simplify Privileged Account Lifecyle

    By Initiative Icon

    BY INITIATIVE

    PCI-DSS Compliance

    ISO 27002

    SWIFT Security Framework

    Documentation Downloads Request Demo
  • Resources
    Accelerating Privilege Management Thumbnail

    Accelerating Privilege Management Transformation

    Read Whitepaper
    Resources Icon

    RESOURCES

    Datasheets

    Solution Briefs

    Whitepapers

    Case Studies

    Guides & Toolkits

    View All Resources

    Learn Icon

    LEARN

    PAM 101

    Technology Blog

    Product Updates

    Documentation

    Explore

    Documentation
    Learn How to Implement & Manage
    Downloads
    Find Software, Plugins & Updates
    Request Demo
  • Services

    From the Blog

    Gartner Magic Quadrant

    Gartner Magic Quadrant 2021: Sectona PAM Gets a Notable Mention

    Read Whitepaper
    TRAINING & SERVICE Professional Services Get the help you need to succeed with your privileged access management project.Explore
    Training & Certification Access learning and trainings options to improve the success of Sectona platform.Explore
    Get Support Icon

    GET SUPPORT

    Email Us

    Create a Case

    Customer Success

    Download Resources

    Explore

    Documentation
    Learn How to Implement & Manage
    Downloads
    Find Software, Plugins & Updates
    Request Demo
  • Company
    COMPANY
    Company Thumbnail

    About Us

    Customers

    Events

    Contact Us

    PARTNER
    Partner Thumbnail

    Find a Partner

    Become a Partner

    Register a Deal

    CAREERS
    Career Thumbnail

    Join the Team

    Explore Career Opportunities

    Explore Fellowship Program

    Become a Partner Become a Partner
Request Demo
Sectona Logo
  • Home
  • Platform
    • Continuous Discovery
    • Password Management
    • Secure Remote Access
    • Session Recording and Threat Analytics
    • Multi-Factor Authentication
    • Just In Time Access
    • Privileged Task Management
    • Account Lifecycle Management
    • Windows Privilege Management
    • Privileged Access Governance
  • Solutions
    • Secure remote privileged access
    • Remove Administrator Rights
    • Secure Cloud Environments
    • Automate Entitlement Reviews
    • Simplify Privileged Account lifecycle
    • PCI DSS Compliance Pertaining to Privileged Access
    • ISO 27002 Standard – Best Practices for PAM
    • SWIFT Security Framework For Privileged Access
  • Resources
    • Blog
    • PAM 101
    • Resources
  • Services
    • Professional Services – Personalised Industry Based Solution
    • Training & Certifications – Gain Insight into Sectona Platform
  • Company
    • About Us
    • Contact Us
    • Branding
    • Customers
  • Partner
    • Find a Partner
    • Become a Sectona Partner
    • Register a Deal
  • Explore
    • Documentation
    • Downloads
    • Free Edition – Get Your Free Trial Today
    • Explore the Sectona Security Platform
Menu
  • Home
  • Platform
    • Continuous Discovery
    • Password Management
    • Secure Remote Access
    • Session Recording and Threat Analytics
    • Multi-Factor Authentication
    • Just In Time Access
    • Privileged Task Management
    • Account Lifecycle Management
    • Windows Privilege Management
    • Privileged Access Governance
  • Solutions
    • Secure remote privileged access
    • Remove Administrator Rights
    • Secure Cloud Environments
    • Automate Entitlement Reviews
    • Simplify Privileged Account lifecycle
    • PCI DSS Compliance Pertaining to Privileged Access
    • ISO 27002 Standard – Best Practices for PAM
    • SWIFT Security Framework For Privileged Access
  • Resources
    • Blog
    • PAM 101
    • Resources
  • Services
    • Professional Services – Personalised Industry Based Solution
    • Training & Certifications – Gain Insight into Sectona Platform
  • Company
    • About Us
    • Contact Us
    • Branding
    • Customers
  • Partner
    • Find a Partner
    • Become a Sectona Partner
    • Register a Deal
  • Explore
    • Documentation
    • Downloads
    • Free Edition – Get Your Free Trial Today
    • Explore the Sectona Security Platform
Home / Technology / How to start your Privileged Account Security Program
ByShruti Kulkarni February 11, 2018December 6, 2022

How to start your Privileged Account Security Program

How-To-Start-Your-Privileged-Account-Security-Program-Blog-Featured-Image

What are Privileged Accounts?

Privileged Accounts, as the name suggests are only for privileged users, super-users and administrators who are entrusted with the responsibility of managing infrastructure or cloud critical systems. These super users are equipped with certain privileged access rights that are not equally enjoyed by other end users.

Every system – be it OS, Databases, Network Devices or Applications – there are privileged accounts that are assigned on each of them to perform critical activities. Quite naturally, this means that there can be an abuse of the privileges, intentionally or accidentally, if not appropriately monitored and controlled. (Read how to plan against privilege abuse)

Interestingly, there are different types of privileged accounts that can be assigned to a system. The simplest of privileged account that most know of and can relate to is the default ‘administrator’ account you have seen on your system. This account has been granted rights to have complete control of the system and do anything in the purview of the operations of the system.

Types of Privileged Accounts

Local Account:

These accounts have the access for a single system that the user is using i.e. it is local to the user. The user id and password are stored locally on the hard drive of the system being used. Default administrator accounts are local accounts.

The local account provides us with the account usability as what programs can be installed or removed, what type of files can be accessed which services can be run or blocked on  the system etc.

Domain Account:

These accounts keep IT users’ id and password on the domain controller rather than the system in which it is logged in. As soon as the domain user logs in the system, the privileges of that user are being asked by the domain controller accordingly then the access is granted to that particular user.

These types of accounts are used wherein workload is divided among many, so a centralized access for them has been provided by the domain within few computers.

Service Account:

This account is for the users to provide them with the security on the services which are running on their systems. The services can be configured using the task manager or windows PowerShell.

There are basically three types of service accounts in an operating system:

a) Standalone Managed Service Accounts
b) Group Managed Service Accounts
c) Virtual Accounts

Application Account:

These accounts vary from business related forms to database logins. They basically deal with all types of critical roles over the network, depending on peer to peer applications. These types of accounts have been designed to track one’s application by logging in to that particular account application.

Default Accounts

Our focus though will be the default administrator accounts & built in accounts. These accounts come into picture during the time of installation of devices and services. When the systems are installed for the first time, the operating system or database or the service installs with default user accounts.

These account settings are known as default administrative rights because they have been pre-defined by the software developers of the system. There are various types of default accounts available in various operating systems such as administrator for windows, root for Linux, db2admin for IBMDb2, administrator for Microsoft Server 2012 etc.

The security risks, however, come into play when there is a misuse of the access privileges granted to these accounts. This administrator can also create other accounts with equal administrator rights and sometimes this leads to creation of new privileged accounts that security teams may or may not know about. So the unaware security team will do the necessary checks to ensure that the access and credentials of the known default administrator accounts are protected. However, the abuse of these privileged accounts created will lie unnoticed that can expose a scathing attack surface.

With security risks around privileged account management taking the driver’s seat, this has become the topic of discussion even among Board of Directors. Given the nature of cyber-attacks that have been happening in the recent past where privileged account misuse have been identified as the top attack vector, regulations have tightened with focus around these privileged accounts.

These regulatory frameworks are constantly evolving and that poses ‘challenges’ to CIOs and CISOs making it imperative for them to adhere to those regulations to avoid business and reputational losses. A quick recap and gist of the compliance policies are highlighted below.

Regulatory Challenges for Privileged Accounts

NAMECLAUSEDESCRIPTION
Payment Card Industry Data Security Standard(PCI DSS v3)Build and Maintain a Secure Network and Systems1. Install and maintain a firewall configuration to protect cardholder data.
2. Do not use vendor-supplied defaults for system passwords and other security parameters
Health Insurance Portability and Accountability Act (HIPAA-April-2014)164.308(a)(5)Password Management
ISO-IEC-27001-2013A.9.2.2User Access Provisioning
A.9.2.3Management of privileged access rights
A.9.2.4Management of secret authentication information of users

If you notice, the regulatory frameworks consistently talk about protecting privileged user credentials and securing their access mechanisms. Essentially for this, you need a deeply integrated and cross-platform Privileged Access Management approach.

Where can Sectona help?

While everyone is aware of the above regulations, no one completely knows or is aware of how to start their privileged security program. And the first step is to identify all the default accounts that are present in their on-premise or cloud infrastructure stack. So, as security consultants, we have stepped in and taken the ownership to ease out your work and educate you with a starting point to your Privileged Security Program by providing you with a comprehensive list of default accounts that can be found across infrastructure assets.

You may download the template below. Also, we provide a collaborative, integrated and cross-platform approach based Privileged Access Management Solution Sectona formerly known as Spectra.

DOWNLOAD THE LIST

Start now, exploit this knowledge, prioritize your privileged access security and stay compliant. Do keep a lookout for additional resources across network devices and SaaS applications in the coming weeks.

Contents

  • 1 What are Privileged Accounts?
  • 2 Types of Privileged Accounts
  • 3 Default Accounts
  • 4 Regulatory Challenges for Privileged Accounts
  • 5 Where can Sectona help?
Was this article helpful?
YesNo

Recent Posts

  • Privileged User Behaviour Analytics to Analyze Threats in Advance

    Privileged User Behaviour Analytics to Analyze Threats in Advance

    January 12, 2023
  • What is a Ransomware Attack?

    What is a Ransomware Attack?

    January 9, 2023
  • Sectona is recognized as a 2022 Gartner® Peer Insights™ Customers Choice for Privileged Access Management 

    Sectona is recognized as a 2022 Gartner® Peer Insights™ Customers Choice for Privileged Access Management 

    January 5, 2023
  • One of the world’s largest mobile operators implements Sectona PAM

    One of the world’s largest mobile operators implements Sectona PAM

    December 21, 2022
  • Year-in-Review: Looking Back at 2022

    Year-in-Review: Looking Back at 2022

    December 15, 2022

Explore


  • About
  • Careers We're Hiring
  • Contact Us
  • Security Platform
  • Partners
  • Documentation
  • Sectona Blog
  • PAM 101New
  • Branding
  • Events

Capabilities


  • Continuous Discovery
  • Password Management
  • Secure Remote Access
  • Session Recording and Threat Analytics
  • Mutli-Factor Authentication
  • Just-in-Time Access
  • Privileged Task Management
  • Account Lifecycle Management

Solutions


  • Secure Remote Privileged Access
  • Remove Administrator Rights
  • Secure Cloud Environments
  • Automate Entitlement Reviews
  • Simplify Privileged Account Lifecyle
Sectona Gartner Peer Insights Rating Sectona ISO Certification
Sectona Logo

© 2023 Sectona Technologies Private Limited. All rights reserved. All trademarks held by their respective owners.

PRIVACY POLICY | TERMS | EULA | RESPONSIBLE DISCLOSURE

Scroll to top
  • Home
  • Platform
    • Continuous Discovery
    • Password Management
    • Secure Remote Access
    • Session Recording and Threat Analytics
    • Multi-Factor Authentication
    • Just In Time Access
    • Privileged Task Management
    • Account Lifecycle Management
    • Windows Privilege Management
    • Privileged Access Governance
  • Solutions
    • Secure remote privileged access
    • Remove Administrator Rights
    • Secure Cloud Environments
    • Automate Entitlement Reviews
    • Simplify Privileged Account lifecycle
    • PCI DSS Compliance Pertaining to Privileged Access
    • ISO 27002 Standard – Best Practices for PAM
    • SWIFT Security Framework For Privileged Access
  • Resources
    • Blog
    • PAM 101
    • Resources
  • Services
    • Professional Services – Personalised Industry Based Solution
    • Training & Certifications – Gain Insight into Sectona Platform
  • Company
    • About Us
    • Contact Us
    • Branding
    • Customers
  • Partner
    • Find a Partner
    • Become a Sectona Partner
    • Register a Deal
  • Explore
    • Documentation
    • Downloads
    • Free Edition – Get Your Free Trial Today
    • Explore the Sectona Security Platform