Now, if you were not there at the set-up of new resources, you'd probably be unaware that there was a super-user account created at the genesis. But that super-user account never goes away and in most cases is used day-to-day, either by someone or something (either applications or automated systems). As time goes on, the knowledge of these super-users accounts, where they are, how they're being used and so on, gets lost. Just as the history of how the bible originated is a mystery to most people except for scholars, so it goes with privileged identities.
As time goes on, things change in the world of IT and, again, most people don't understand the implications. Add new appliances, switches, routers and software and new root accounts pop up. Blend that in with new super-user accounts for things like intrusion detection devices, antivirus systems or DLP and you get a whole new layer of privileges added to the environment. People don't really think about it, they simply interact with it at the user level and the environment continues to evolve and morph.
But when auditors and regulators come in and ask 'Who created all of this?' and ‘Who has access to these accounts?’, you've got a good old fashioned debate on par with creationism and evolution; because there’s no one still around who can answer where the accounts came from and no records detailing who can access them.
Mining the infrastructure with privileged identity management
So where does privileged identity management play in this metaphor? I like to think of it like being the archeologist of the bunch. When you're managing these identities, your job is to go out and mine the infrastructure, looking for 'fossils,' or those clues that provide your organisation with a view of where those god-like accounts are, how they're being used and what they're being used to do.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.