Attributes and functionalities associated with Non-Human Identities (NHIs) within a system.
Description
System Account Characteristics refer to the specific attributes, functionalities, and behaviors of Non-Human Identities (NHIs) that are created and managed within IT systems. NHIs are typically accounts that represent automated processes, applications, or services rather than individual human users. Key characteristics include unique identifiers, access privileges, authentication methods, and the purposes they serve within the system. For example, an NHI might be used for an automated backup service, which would require specific permissions to access data storage but not the ability to modify user accounts. Understanding these characteristics is critical for security, as NHIs often have elevated privileges and can pose risks if mismanaged. Furthermore, proper management of system account characteristics helps ensure compliance with regulations and organizational policies, facilitating better monitoring and auditing of system activities. By defining and controlling the characteristics of NHIs, organizations can enhance their security posture and reduce the likelihood of unauthorized access or misuse.
Examples
- Automated backup service account with access to cloud storage.
- API service account used for integrating third-party applications.
Additional Information
- NHIs often have distinct password policies to enhance security.
- Regular audits of NHIs help in identifying potential security vulnerabilities.
References
- What are non-human identities and why do they matter?
- Non-human Account Management (v4)
- Identity 101: Basic Terminology Part 1
- Identities & Identifiers | Spherity
- identity - Glossary | CSRC
- Glossary | Identification for Development
- Skimbles 101
- The Architecture of Identity Systems - Phil Windley - Medium
- Human vs. Non-Human Identity in SaaS
- Accounts < CF < TWiki