Whether you realize it or not, service accounts represent a major risk to your data security. I’ve had many customers inquire about how to protect service accounts within their Active Directory environments. Through these conversations, I’ve learned that organizations want to understand the fundamentals of service accounts, and how attackers can exploit these accounts, so they can prevent them from being compromised.
A service account is a “non-human” account that is used to run services or applications. Service accounts are not administrative accounts, or other “human” accounts, used interactively by administrators or other employees. Service accounts also often have privileged access to computers, applications, and data, which makes them highly valuable to attackers.
Because service accounts are not tied directly to a human, they must be treated differently from other accounts. One example is password policies. It may be acceptable to require very long and complex passwords for service accounts, because you don’t have to worry about a human forgetting them. On the other hand, it is hard to set password expiration policies because resetting a service account password may break an application.
That means once a password is compromised by an attacker, it is unlikely to change for a long time, if ever.
There are measures you can take to protect service accounts, but unfortunately, some companies don’t implement them. By putting in place proper controls like restricting interactive logons or automating password management, you can prevent the misuse and compromise of service accounts.
There are several ways attackers exploit the things that make service accounts unique in order to compromise them and leverage their privileged access.
Over the next four weeks, I’m going to detail four (4) service account attacks. I’ll explain how they work, the techniques and tools bad actors use to perpetrate these attacks, and what you can do to stop them. Here’s the lineup:
To watch the Service Account Attacks webinar, please click here.
Jeff Warren is Stealthbits’ General Manager of Products. Jeff has held multiple roles within the Technical Product Management group since joining the organization in 2010, initially building Stealthbits’ SharePoint management offerings before shifting focus to the organization’s Data Access Governance solution portfolio as a whole. Before joining Stealthbits – now part of Netwrix, Jeff was a Software Engineer at Wall Street Network, a solutions provider specializing in GIS software and custom SharePoint development.
With deep knowledge and experience in technology, product and project management, Jeff and his teams are responsible for designing and delivering Stealthbits’ high quality, innovative solutions.
Jeff holds a Bachelor of Science degree in Information Systems from the University of Delaware.
Learn why Active Directory security should be a priority for your organization and ways to mitigate against a data breach with this free white paper!Read more
Start a Free Stealthbits Trial!
No risk. No obligation.