What are the business problems related to privileged accounts?
It can be difficult to securely manage access to thousands of
privileged accounts. Consequently, in many organizations,
the passwords to privileged accounts are:
known to many people, possibly including former staff,
often the same on many systems,
rarely if ever changed and
stored in plaintext, by people and by applications.
There are serious consequences to these password management
There is no accountability for use of shared, privileged accounts.
This is a security risk and regulatory compliance problem and can
increase the difficulty of diagnosing operation problems and auditing
Former staff may retain sensitive access.
Malicious actors have an easier time compromising an enterprise's
If one system is compromised (e.g., an IT user's PC or an application
server), the threat actor can leverage passwords stored or typed on that
system to compromise additional systems.