A privileged account with full access to system resources and configuration.
Description
In the context of Non-Human Identities (NHIs), an Admin or Root Account refers to a type of account that possesses elevated privileges, allowing it to perform any action on a system or network. These accounts are typically used by system administrators or automated processes that require unrestricted access to manage resources, configure settings, and enforce security policies. Admin accounts can create, modify, or delete user accounts and change system configurations, which makes them crucial for maintaining the integrity and functionality of IT environments. However, the powerful capabilities of these accounts also pose a significant security risk if not managed properly. Unauthorized access to an Admin or Root Account can lead to data breaches, system downtime, and unauthorized changes to critical infrastructure. Therefore, organizations should implement strict access controls, regular audits, and monitoring practices to safeguard these accounts and ensure that only trusted processes and personnel have access to them.
Examples
- A root account on a Linux server that has full control over the system.
- An admin account in a cloud environment that can manage resources and user permissions.
Additional Information
- Best practices include using multi-factor authentication for access to Admin accounts.
- Regularly reviewing and auditing Admin account usage can help mitigate security risks.
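One way to start the kind of review described above on a Linux server is to inventory every account that is root-equivalent. This is an added example, not part of the original entry. The sample passwd and group data are constructed, and the set of admin group names is an assumption to adjust to local policy.

```python
# Constructed sample data; on a real host read /etc/passwd and /etc/group instead.
ADMIN_GROUPS = {"sudo", "wheel", "admin"}  # assumption: adjust to local policy
NOLOGIN_SHELLS = {"/usr/sbin/nologin", "/sbin/nologin", "/bin/false"}
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
backup-agent:x:0:0:backup job:/var/backups:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/bash
deploy-bot:x:998:998:CI deploy:/opt/deploy:/bin/bash
metrics:x:997:997:exporter:/nonexistent:/usr/sbin/nologin
"""
SAMPLE_GROUP = """\
root:x:0:
sudo:x:27:alice,deploy-bot
metrics:x:997:
"""

def parse_passwd(text):
    """Return one dict per well-formed passwd line (7 colon-separated fields)."""
    accounts = []
    for line in text.splitlines():
        f = line.strip().split(":")
        if len(f) == 7 and f[2].isdigit() and f[3].isdigit():
            accounts.append({"name": f[0], "uid": int(f[2]), "gid": int(f[3]), "shell": f[6]})
    return accounts

def admin_group_members(text):
    """Return (member names, GIDs) of the groups listed in ADMIN_GROUPS."""
    members, gids = set(), set()
    for line in text.splitlines():
        f = line.strip().split(":")
        if len(f) == 4 and f[0] in ADMIN_GROUPS and f[2].isdigit():
            gids.add(int(f[2]))
            members.update(m for m in f[3].split(",") if m)
    return members, gids

def audit(passwd_text, group_text):
    """List (name, reasons, interactive_shell) for every root-equivalent account."""
    members, gids = admin_group_members(group_text)
    findings = []
    for a in parse_passwd(passwd_text):
        reasons = []
        if a["uid"] == 0:  # any UID 0 entry is root, whatever its name
            reasons.append("uid0")
        if a["name"] in members or a["gid"] in gids:  # supplementary or primary group
            reasons.append("admin-group")
        if reasons:
            findings.append((a["name"], reasons, a["shell"] not in NOLOGIN_SHELLS))
    return findings
```

Each finding should map to a known owner and purpose; a second UID 0 entry or an automation account in an admin group with an interactive shell is the kind of item a periodic review is meant to surface.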