What are Privileged Accounts?

Privileged Accounts, as the name suggests are only for privileged users, super-users and administrators who are entrusted with the responsibility of managing infrastructure or cloud critical systems. These super users are equipped with certain privileged access rights that are not equally enjoyed by other end users.

Every system – be it OS, Databases, Network Devices or Applications – there are privileged accounts that are assigned on each of them to perform critical activities. Quite naturally, this means that there can be an abuse of the privileges, intentionally or accidentally, if not appropriately monitored and controlled. (Read how to plan against privilege abuse)

Interestingly, there are different types of privileged accounts that can be assigned to a system. The simplest of privileged account that most know of and can relate to is the default ‘administrator’ account you have seen on your system. This account has been granted rights to have complete control of the system and do anything in the purview of the operations of the system.

Types of Privileged Accounts

Local Account:

These accounts have the access for a single system that the user is using i.e. it is local to the user. The user id and password are stored locally on the hard drive of the system being used. Default administrator accounts are local accounts.

The local account provides us with the account usability as what programs can be installed or removed, what type of files can be accessed which services can be run or blocked on the system etc.

Domain Account:

These accounts keep IT users’ id and password on the domain controller rather than the system in which it is logged in. As soon as the domain user logs in the system, the privileges of that user are being asked by the domain controller accordingly then the access is granted to that particular user.

These types of accounts are used wherein workload is divided among many, so a centralized access for them has been provided by the domain within few computers.

Service Account:

This account is for the users to provide them with the security on the services which are running on their systems. The services can be configured using the task manager or windows PowerShell.

There are basically three types of service accounts in an operating system:

a) Standalone Managed Service Accounts
b) Group Managed Service Accounts
c) Virtual Accounts

Application Account:

These accounts vary from business related forms to database logins. They basically deal with all types of critical roles over the network, depending on peer to peer applications. These types of accounts have been designed to track one’s application by logging in to that particular account application.

Default Accounts

Our focus though will be the default administrator accounts & built in accounts. These accounts come into picture during the time of installation of devices and services. When the systems are installed for the first time, the operating system or database or the service installs with default user accounts.

These account settings are known as default administrative rights because they have been pre-defined by the software developers of the system. There are various types of default accounts available in various operating systems such as administrator for windows, root for Linux, db2admin for IBMDb2, administrator for Microsoft Server 2012 etc.

The security risks, however, come into play when there is a misuse of the access privileges granted to these accounts. This administrator can also create other accounts with equal administrator rights and sometimes this leads to creation of new privileged accounts that security teams may or may not know about. So the unaware security team will do the necessary checks to ensure that the access and credentials of the known default administrator accounts are protected. However, the abuse of these privileged accounts created will lie unnoticed that can expose a scathing attack surface.

With security risks around privileged account management taking the driver’s seat, this has become the topic of discussion even among Board of Directors. Given the nature of cyber-attacks that have been happening in the recent past where privileged account misuse have been identified as the top attack vector, regulations have tightened with focus around these privileged accounts.

These regulatory frameworks are constantly evolving and that poses ‘challenges’ to CIOs and CISOs making it imperative for them to adhere to those regulations to avoid business and reputational losses. A quick recap and gist of the compliance policies are highlighted below.

Regulatory Challenges for Privileged Accounts

NAME	CLAUSE	DESCRIPTION
Payment Card Industry Data Security Standard(PCI DSS v3)	Build and Maintain a Secure Network and Systems	1. Install and maintain a firewall configuration to protect cardholder data. 2. Do not use vendor-supplied defaults for system passwords and other security parameters
Health Insurance Portability and Accountability Act (HIPAA-April-2014)	164.308(a)(5)	Password Management
ISO-IEC-27001-2013	A.9.2.2	User Access Provisioning
A.9.2.3	Management of privileged access rights
A.9.2.4	Management of secret authentication information of users

If you notice, the regulatory frameworks consistently talk about protecting privileged user credentials and securing their access mechanisms. Essentially for this, you need a deeply integrated and cross-platform Privileged Access Management approach.

Where can Sectona help?

While everyone is aware of the above regulations, no one completely knows or is aware of how to start their privileged security program. And the first step is to identify all the default accounts that are present in their on-premise or cloud infrastructure stack. So, as security consultants, we have stepped in and taken the ownership to ease out your work and educate you with a starting point to your Privileged Security Program by providing you with a comprehensive list of default accounts that can be found across infrastructure assets.

You may download the template below. Also, we provide a collaborative, integrated and cross-platform approach based Privileged Access Management Solution Sectona formerly known as Spectra.

DOWNLOAD THE LIST

Start now, exploit this knowledge, prioritize your privileged access security and stay compliant. Do keep a lookout for additional resources across network devices and SaaS applications in the coming weeks.

Contents

1 What are Privileged Accounts?
2 Types of Privileged Accounts
3 Default Accounts
4 Regulatory Challenges for Privileged Accounts
5 Where can Sectona help?

Was this article helpful?

YesNo

Sectona Security Platform

Products

Platform Capabilities

Continuous Discovery

Password Management

Secure Remote Access

Session Recording and Threat Analytics

Multi-Factor Authentication

Just-in-Time Access

Privileged Task Management

Account Lifecycle Management

Secure Remote Privileged access

Remove Administrator Rights

Secure Cloud Environments

Automate Entitlement Reviews

Simplify Privileged Account Lifecyle

PCI-DSS Compliance

ISO 27002

SWIFT Security Framework

Datasheets

Solution Briefs

Whitepapers

Case Studies

Guides & Toolkits

View All Resources

PAM 101

Technology Blog

Product Updates

Documentation

Explore

Email Us

Create a Case

Customer Success

Download Resources

Explore

About Us

Customers

Events

Contact Us

Find a Partner

Become a Partner

Register a Deal

Join the Team

Explore Career Opportunities

Explore Fellowship Program

What are Privileged Accounts?

Types of Privileged Accounts

Default Accounts

Regulatory Challenges for Privileged Accounts

Where can Sectona help?