|
|
|
Privileged accounts are accounts that are not assigned to individuals accounts and have access to mission critical data and processes. System Administrators use privileged accounts to perform administrative tasks on target endpoints and privileged accounts are also embedded in service files, scripts, and configuration files to facilitate unattended processing.
Privileged accounts are difficult to control because they are not assigned to an identifiable user, which renders auditing and tracing difficult. This is a vulnerability that exposes mission critical systems to accidental harm and malicious activities. Organizations must reduce the number of these privileged accounts to a minimum that satisfies operational needs.
Administrators can bypass most internal controls to access restricted information and cause denial of service (DOS) attacks by deleting or rendering applications inaccessible. Further, the activities performed using privileged accounts are difficult to correlate to an identifiable user account.
| Copyright © 2012 CA. All rights reserved. |
|