A non-human identity used to manage and operate server processes and applications.
Description
A server account is a type of non-human identity (NHI) specifically designed to facilitate the operation and management of server-based applications and services. Unlike user accounts, which are associated with individual human users, server accounts are typically utilized by software applications, services, or automated processes that require access to system resources. These accounts often possess elevated privileges to perform tasks such as running background services, accessing databases, and executing scripts. Server accounts help in maintaining security and ensuring that only authorized applications can interact with sensitive system components. They are commonly configured with specific permissions tailored to their functions, thereby minimizing the risk of unauthorized access or data breaches. Best practices for managing server accounts include regular password updates, monitoring account activity, and implementing the principle of least privilege, which restricts account permissions to the minimum necessary for functionality.
Examples
- Database server account used by a web application to interact with the database.
- Application server account for running a content management system.
Additional Information
- Server accounts should be regularly audited for security compliance.
- Use of service accounts can reduce the risk of credential theft in cases of application vulnerabilities.