AWS Logo
Menu
🔐 Types of Privileged Accounts 💼✨

🔐 Types of Privileged Accounts 💼✨

various types of privileged accounts and how to protect them, here are some pieces of advice.

cybersecuritysecurityiam-identity-centre
Manikanta Suru
Published Dec 5, 2023
1. ROOT or Super User Accounts:-
  • Use the Highest access level for system and network control.
  • Attack Vectors Targeted for exploitation through OS vulnerabilities or social engineering.
How to Protect:
  • Implement strong authentication.
  • Regularly update the OS.
  • Use intrusion detection systems (IDS/IPS).
  • Restrict access to trusted administrators.
2. Admin Accounts
  • Use In Windows Administrator environments, with extensive access.
  • Attack Vectors Vulnerability exploits, brute force attacks, or privilege escalation.
How to Protect:
  • Enforce strong password policies.
  • Implement two-factor authentication (2FA).
  • Restrict administrative access to necessary personnel.
  • Regularly patch Windows systems.
3. Database Admin Accounts
Use: Managed by DBAs for database control and optimization.
Attack Vectors: Exploitation of weak configurations, SQL injection, or phishing attacks.
How to Protect:
  • Use strong database access controls.
  • Regularly update the database software.
  • Apply least privilege principles.
  • Monitor database activity.
4. Service Accounts
  • Use Utilized by applications or services with elevated privileges.
  • Attack Vectors Compromised through application vulnerabilities, weak credentials, or privilege escalation.
How to Protect:
  • Protect the applications.
  • Limit service account privileges.
  • Secure and regularly rotate passwords.
  • Monitor service account activity.
5. Application Accounts
  • Use Run specific applications with predefined permissions.
  • Attack Vectors Targeted for application vulnerabilities, weak permissions, or stolen credentials.
How to Protect:
  • Secure the applications.
  • Apply the principle of least privilege.
  • Enforce strong authentication.
  • Regularly monitor and audit activity.
6. Vendor or Third-Party Accounts
  • Use Privileged access for third-party support.
  • Attack Vectors : Compromised through supply chain attacks, social engineering, or vendor weaknesses.
How to Protect:
  • Vet and audit third-party vendors.
  • Restrict external access.
  • Require strong authentication.
  • Monitor third-party activity.
7. Privileged User Accounts
  • Use: Elevated access for specific tasks by employees or administrators.
  • Attack Vectors: Insider threats, social engineering, or phishing.
How to Protect:
  • Educate on security best practices.
  • Enforce strong password policies.
  • Regularly monitor and audit activity.
  • Implement user behaviour analytics.
8. Emergency Break-Glass Accounts
  • Use Emergency access when standard access is unavailable.
  • Attack Vectors Targeted through weak password management or unauthorized access.
How to Protect:
  • Encrypt and protect emergency account credentials.
  • Restrict access to trusted individuals.
  • Implement strong multi-factor authentication.
  1. 9. Shared Accounts
  • Use Shared access for designated purposes.
  • Attack Vectors Password sharing, weak access controls, unauthorized access.
How to Protect:
  • Implement strong access controls.
  • Enforce individual accountability.
  • Regularly change shared account passwords.
  • Audit shared account activity.
Stay secure and informed! 🛡️✨ #CyberSecurity #PrivilegedAccess #TechSecurity 🚀

Comments