Phone Number +1-202-802-9399 (US)

Thycotic is now Delinea!

The Lockdown

Thycotic’s Cyber Security Blog

Thycotic Launches Industry’s First Privileged Service Account Governance Solution


Written by Kali Linette

August 20th, 2019

WASHINGTON, D.C., August 20, 2019 Thycotic, provider of privileged access management (PAM) solutions to more than 10,000 organizations, including 20 percent of the Fortune 1000, today expanded its industry-leading PAM solution to address the risks associated with service account sprawl. Service accounts are specialized non-human accounts used by applications or other services to access data and network resources to perform specific tasks. Because of their “set it and forget it” operation and limited human interaction, service accounts often fly under IT’s radar and rarely get inventoried and controlled along with more visible privileged accounts. This lack of governance makes service accounts the ideal target for cyber criminals. Thycotic’s Account Lifecycle Manager is the PAM market’s first product to enable service account governance by automating the lifecycle of service accounts, from workflow-based provisioning to account decommissioning.

“Service accounts are like a ticking time bomb in the privileged account world,” said Jai Dargan, vice president of Product Management at Thycotic. “Most admins don’t even know they exist until they get compromised and someone gains unauthorized access to a business-critical application, and by then it’s too late. This is the latest example of Thycotic delivering an innovative new way to solve our customers’ most pressing privileged access challenges”

Service accounts are the “silent killer” of privileged accounts

Service accounts exist in large numbers in almost every organization. Their specialized operation often requires elevated privileges and access to business-critical applications and data. They avoid the governance of other privileged accounts because they are rarely utilized by human users and operate behind the scenes, “silently” performing their assigned tasks, requiring little maintenance or attention. IT admins are often reluctant to decommission them because their dependencies can be difficult to ascertain, and inadvertent removal can lead to “killer” service disruptions. This reluctance leads to runaway service account sprawl, expanding the privileged account attack surface to proportions that are virtually impossible to manage without the proper tools.

Privileged account governance reduces attack surface and mitigates risk

Thycotic’s Account Lifecycle Manager enables comprehensive service account governance by automating the lifecycle of service accounts from cradle to grave, with workflows, automated provisioning, governance, compliance, and decommissioning capabilities. Service account requests follow approval workflows tailored to each organization’s specific needs. IT teams can seamlessly control service accounts and mitigate the risk of breaches, service interruptions and human error.

“Thycotic’s Account Lifecycle Manager has enabled several large enterprises to find and remove hundreds of thousands of unneeded and unmanaged accounts that could have otherwise compromised their networks,” said James Legg, president and CEO at Thycotic. “This is a critical solution for any company trying to navigate account governance.”

“Service accounts are an area where much risk is concentrated,” said Anmol Singh, lead analyst at KuppingerCole. “Our clients are really struggling to enforce appropriate privileged account governance for these accounts. There is huge market demand for a product like Account Lifecycle Manager, kudos to Thycotic for leading the charge to solve this major security challenge.”

Organizations can test drive Thycotic’s Account Lifecycle Manager for free.