I'm diving into Privileged Access Management (PAM) for handling check-in/check-out and password rotation for our privileged accounts used in server administration. I want to get a sense of the pros and cons between using named accounts and shared accounts. Shared accounts seem easier to manage, but they might complicate tracking actions in logs. For context, we're using Secret Server as our PAM solution. What do you all think?
5 Answers
We used to call shared accounts 'break glass' accounts when our team was smaller. Now, as our organization grows, we've adopted normal user accounts and dedicated privileged admin accounts. Access is tightly controlled with audit trails, and sensitive accounts require double authorization. As the environment changes, so should our approach to security.
If traceability is maintained, I don't see a major issue with shared accounts. However, named accounts are preferred for their individuality; they offer a personal profile and are still not too labor-intensive with systems like Secret Server.
From our past experiences, we decided on using named accounts like [prefix]-username. This gives us clarity on who performed which actions and allows us to customize access for each admin. Shared accounts can be a nightmare trying to track down who did what.
Using generic accounts can work, but it's essential to tie their use back to individual identities. Ensure there's a process in place for checkout that maintains clear logs for audits and notifies the necessary people before access is granted.
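The answer above describes the one thing that makes a shared account defensible: every action taken under it must be mappable back to the named person who had it checked out at the time. The following is an added example, not code from this thread or from Secret Server, showing how that mapping works in practice and where it breaks. It correlates server-side audit events with PAM check-out windows and flags the two failure modes an auditor cares about: an action with no holder (nobody had the account checked out) and an action with more than one holder (overlapping check-outs, so the trail is ambiguous). The `adm-` prefix for named accounts follows the `[prefix]-username` convention mentioned in another answer and is an assumption; all records are constructed, and the PAM product's real export format is not modelled.

```python
"""Attribute shared-account actions to named identities using PAM check-out
windows. Added illustration; the PAM product's own export format is not
modelled, and every record below is constructed."""
from dataclasses import dataclass
from datetime import datetime, timedelta

NAMED_PREFIX = "adm-"  # assumption: named admin accounts look like adm-<username>


@dataclass(frozen=True)
class Checkout:
    account: str        # shared account held in the vault
    user: str           # named identity who checked it out
    start: datetime     # check-out time
    end: datetime       # check-in time (or the rotation that ended the session)


@dataclass(frozen=True)
class AuditEvent:
    ts: datetime
    account: str        # account name as it appears in the server audit log
    host: str
    action: str


def _t(hour, minute=0):
    return datetime(2024, 5, 6, hour, minute)


# Constructed check-out records of the kind a PAM solution logs.
CHECKOUTS = [
    Checkout("svc-dba", "alice", _t(9), _t(10)),
    Checkout("svc-dba", "bob", _t(13), _t(14)),
    Checkout("svc-web", "carol", _t(9), _t(11)),
    Checkout("svc-web", "dave", _t(10), _t(12)),   # overlaps carol's window
]

# Constructed server-side audit events.
EVENTS = [
    AuditEvent(_t(9, 30), "svc-dba", "db01", "ALTER USER app SET PASSWORD"),
    AuditEvent(_t(12, 0), "svc-dba", "db01", "DROP TABLE audit_tmp"),      # no holder at 12:00
    AuditEvent(_t(10, 30), "svc-web", "web02", "systemctl restart nginx"),  # two holders at once
    AuditEvent(_t(15, 0), "adm-erin", "web02", "useradd deploy"),           # named account
]


def attribute_event(event, checkouts, grace=timedelta(minutes=5)):
    """Return (status, user). status is 'named', 'attributed', 'ambiguous'
    or 'unattributed'. grace tolerates clock skew between vault and host."""
    if event.account.startswith(NAMED_PREFIX):
        # Named accounts need no vault lookup: the account name is the person.
        return "named", event.account[len(NAMED_PREFIX):]
    holders = sorted({c.user for c in checkouts
                      if c.account == event.account
                      and c.start - grace <= event.ts <= c.end + grace})
    if len(holders) == 1:
        return "attributed", holders[0]
    if holders:
        return "ambiguous", "/".join(holders)
    return "unattributed", None


def report(events=EVENTS, checkouts=CHECKOUTS):
    """One (event, status, user) row per audit event."""
    return [(e, *attribute_event(e, checkouts)) for e in events]


def findings(events=EVENTS, checkouts=CHECKOUTS):
    """Rows an auditor must chase: no holder, or more than one holder."""
    return [row for row in report(events, checkouts)
            if row[1] in ("ambiguous", "unattributed")]


if __name__ == "__main__":
    for e, status, user in report():
        print(f"{e.ts:%H:%M} {e.host:5} {e.account:8} {status:12} "
              f"{user or '-':12} {e.action}")
```

The two flagged rows are the argument for named accounts in miniature: the shared-account trail is only as good as the check-out discipline around it, whereas the `adm-erin` row attributes itself. If the vault enforces exclusive check-out and rotates the password on check-in, the "ambiguous" case cannot occur and the "unattributed" case indicates either a rotation failure or use of the credential outside the PAM workflow, both of which are worth an alert.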
I’m against using shared privileged accounts entirely. Nothing about privileged access should be shared.
Exactly! Audit logs are crucial. I won't allow any action that can't be easily traced back to a specific individual, even with PAM in place.