A type of non-human identity used by computer systems to perform automated tasks or manage resources.
Description
System accounts are specialized accounts that allow software applications, services, or operating systems to perform functions without direct human intervention. They are crucial in environments where automation is necessary, such as web servers, database management systems, and enterprise applications. System accounts typically have specific permissions tailored to their operational needs, allowing them to access resources while staying within security guidelines. Unlike user accounts, system accounts may not have associated personal information and are often managed by IT departments. They can be configured to run background processes, schedule tasks, or respond to system events. Because they operate autonomously, the security of system accounts is paramount; they should follow best practices such as strong password policies and regular audits to prevent unauthorized access or misuse.
Examples
- A database service account that manages connections to a database server.
- An application server account that runs background jobs for processing data.
Additional Information
- System accounts should be monitored regularly to detect any unusual activity.
- It's advisable to limit the permissions of system accounts to only what is necessary for their function.