Phone Number +1-202-802-9399 (US)
The Lockdown

Thycotic’s Cyber Security Blog

Taking the Anxiety out of Service Account Management

Written by Thycotic Team

November 14th, 2017

“Service Account Management” is a deceptively simple term for a process that can be full of uncertainty and justifiable fears.

Service Accounts can be the Active Directory accounts attached to your Windows Services, Scheduled Tasks, Application Pools, and more mission critical services that keep your organization operating and in business. The mere thought of having to rotate the password on any one of these accounts is enough to send shivers down the spine of even the most experienced IT Administrator.

Service Account Management = Anxiety

Above and beyond the sheer importance of Service Accounts, why is there so much anxiety around their management?

Because Service Accounts are often managed manually from cradle to grave and therefore, are prone to errors.

You cannot oversee something that is occurring outside the scope of your knowledge

There’s no shortage of these accounts in an organization’s technical infrastructure, and they are often provisioned without any automated controls set in place. If they are provisioned without any robust process in place then that begs the question: is anyone keeping track of when these Service Accounts are no longer needed?

You cannot oversee something that is occurring outside the scope of your knowledge. Worse yet, rotating the passwords of these accounts can be nothing short of a nightmare. You have to know every place the Service Account is in use, go there, change its password, and hope that you set the password correctly and that you knew every place the account was being used. One small misstep could spell disaster.

Lucky for you, Thycotic’s enterprise privileged account management tool, Secret Server, skillfully manages Service Accounts in any environment. *breathe a sigh of relief*.

The first step to take with Secret Server is to leverage its Discovery feature to find all your Service Accounts across your network so you can better understand the landscape of your environment.

From there, you can either manually or automatically import your Service Accounts. Secret Server provides the flexibility that will allow you to decide whether you’re starting off with the password the Service Account already has or if you want Secret Server to rotate the passwords upon import.

Once the Service Account is imported you can manage the order in which Secret Server acts upon the different systems that your Service Account is used for, to ensure there are no conflicts with existing dependencies in your environment.

After you’re done configuring your Service Account you can take advantage of permissions and audit trails to lock down access to these accounts and understand how they’re being used. Secret Server also has powerful security controls such as Request Access to supplement your security posture. Request Access allows you to enforce a workflow on users who are trying to access your Service Accounts. Last but not least, Secret Server can record any sessions that users launch using your Service Accounts, and keep track of any keystrokes during those sessions.

Service account management in Secret Server

You can try Secret Server free for 30 days (below), with support, and see how this awesome tool takes the anxiety out of Service Account management.

IT Security should be easy. We’ll show you how.

Try Secret Server and experience how FAST & EASY
IT security products can be.



Like this post?

Get our top blog posts delivered to your inbox once a month.