Wednesday, January 27, 2021
  • Ghidra 101: Decoding Stack Strings
  • What Does Data Privacy Mean to Consumers and Corporations?
  • Making It Easier To Experiment With Compiled Swift Code In R
  • Sitdown with a SOC Star: 13 Questions With Adva Harosh of First Quality
  • There is No Cloud Security Market Segment with Richard Stiennon

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library
  • Related Sites
    • MediaOps Inc.
    • DevOps.com
    • Container Journal
    • Digital Anarchist
    • SweetCode.io
  • Media Kit

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Security Bloggers Network 

Home » Security Bloggers Network » Security+: Differentiating Common Account Management Practices

Security+: Differentiating Common Account Management Practices

by InfoSec Resources on June 27, 2018

Introduction

Account management is one of the most important aspects of an organization’s security posture. Not only do the decisions affect how users interact with their network and systems, but account management embodies many key security principles. Therefore, understanding the range of account types as well as how to employ and manage each is a foundational skill of Security+ professionals. This article explores the various account types, account policy enforcement mechanisms, and other concepts that must be mastered on the path to the CompTIA Security+ certification.

Account Types

No matter what applications or systems you are using, when you log in with your credentials, your username is assigned a level of authority and access to functions, resources, and data. While these permissions are handled behind the scenes, each user is associated with one of several account types. A user account holds the most limited amount of access to a system, but it is also the level that the vast majority of users have. A user level account often prevents the installation of new applications, changes to global settings or rules, and limits other functions or files, focusing on core business functionality.

A shared account, sometimes known as a generic account, is one that can be utilized by more than one assigned user. This account type is often used by teams that share similar functions – known as group-based access – or by casual users that need access to a system in a limited capacity. While shared accounts allow for flexibility, they also introduce challenges, including the inability to tie a specific person to an action made while logged in. Each person with access to the generic account can also access the same functions and files as everyone else, which could lead to data integrity issues. Some organizations also utilize (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by InfoSec Resources. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/DWCZJJos_u8/

June 27, 2018June 27, 2018 InfoSec Resources Differentiating Common Account Management Practices
  • ← Security+: How Resiliency and Automation Strategies Reduce Risk
  • Security+ Domain #5: Risk Management →

TechStrong TV – Live

Watch latest episodes and shows
Featured Blog

Eric Kedrosky

The Future of Multi-Cloud Security: A Look Ahead at Intelligent Cloud Security Posture Management Solutions

Sonrai Security Marketing

AWS Checklist for 2021: Expert Advice on Security and Risk Priorities

Pam Sornson, JD – Contributed Writer

IAM Best Practices For DevOps

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

FBI to Investigate Parler, New Russian Host will be Revoked
Remote Workforce Security a Top Priority for 2021
Building Cognitive Resilience for Crisis Response
Insider Risk Threatens Digital Enterprise
Remote Work Needs a More Secure Cloud
FBI to Investigate Parler, New Russian Host will be Revoked
Data Loss Prevention: Artificial Intelligence vs. Human Insight
Growing Significance of Cyber Security in Healthcare Industry
You’ll Be Shocked By The Percentage of Employees Clicking Phishing Emails
From Google Cloud Blog: “New whitepaper: Designing and deploying a data security strategy with…

Upcoming Webinars

Thu 28

Protecting Cloud-Native Apps and APIs in Kubernetes Environments

January 28 @ 1:00 pm - 2:00 pm
Feb 03

Too Close to the Sun(burst): A Supply Chain Compromise

February 3 @ 11:00 am - 12:00 pm
Feb 04

Lessons from the FinTech Trenches: Securing APIs at Finastra

February 4 @ 3:00 pm - 4:00 pm
Feb 09

How 2020’s Top 5 Attacks Reveal the Coming Cyberthreats in 2021

February 9 @ 1:00 pm - 2:00 pm
Feb 10

Finding Vulnerabilities in Your Cloud Native Applications Before They Find You!

February 10 @ 11:00 am - 12:00 pm
Feb 11

How to Merge AppSec and DevOps Effectively for the Good of Software

February 11 @ 3:00 pm - 4:00 pm
Feb 16

Security Policy Management in Hybrid Cloud Environment

February 16 @ 11:00 am - 12:00 pm
Feb 16

How Vertical Change Secures Sensitive Data Using Open Source Tools

February 16 @ 1:00 pm - 2:00 pm
Feb 17

Finding and Preventing Secrets in Code

February 17 @ 3:00 pm - 4:00 pm
Feb 18

Protecting Sensitive Customer Data in the New Remote Agent Environment

February 18 @ 3:00 pm - 4:00 pm

More Webinars

Download Free eBook

Managing the AppSec Toolstack

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

How Educational Institutions can Disrupt Ransomware Attackers
Cybersecurity Data Security Endpoint Identity & Access Industry Spotlight Network Security Security Awareness Security Boulevard (Original) Social Engineering 

How Educational Institutions can Disrupt Ransomware Attackers

January 26, 2021 Tony Cole | Yesterday 0
Human and Software Flaws Leave Remote Workers Vulnerable
Application Security Cybersecurity Data Security Endpoint Incident Response Industry Spotlight Malware Security Boulevard (Original) Threats & Breaches 

Human and Software Flaws Leave Remote Workers Vulnerable

January 26, 2021 Alexander Ivanyuk | Yesterday 0
Insider Risk Threatens Digital Enterprise
CISO Suite Cybersecurity Data Security Endpoint Identity & Access Industry Spotlight Security Boulevard (Original) 

Insider Risk Threatens Digital Enterprise

January 25, 2021 Joe Payne | 2 days ago 0

Top Stories

TetherView Unveils Digital Bunker Service for Virtual Desktops
Application Security Cloud Security Cybersecurity Featured News Security Boulevard (Original) Spotlight 

TetherView Unveils Digital Bunker Service for Virtual Desktops

January 26, 2021 Michael Vizard | Yesterday 0
FBI to Investigate Parler, New Russian Host will be Revoked
Analytics & Intelligence Cloud Security Cyberlaw Cybersecurity Endpoint Featured Governance, Risk & Compliance Incident Response Network Security News Security Boulevard (Original) Spotlight Threat Intelligence Uncategorized 

FBI to Investigate Parler, New Russian Host will be Revoked

January 22, 2021 Richi Jennings | 4 days ago 0
Trump Hates Cloud, Because China Cyber?
Analytics & Intelligence Cloud Security Cyberlaw Cybersecurity Featured Governance, Risk & Compliance Identity & Access News Security Boulevard (Original) Spotlight Threat Intelligence 

Trump Hates Cloud, Because China Cyber?

January 21, 2021 Richi Jennings | Jan 21 0

Security Humor

via     the  Comic Noggins  of   Nitrozac     and     Snaggy     at     The Joy of Tech®   !

Joy Of Tech® ‘Signs Your Loved One Might Be Into Qanon’

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy
  • DMCA Compliance Statement

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2021 MediaOps Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.