Minimizing cyberattacks by managing the lifecycle of non-human workers - Help Net Security

Minimizing cyberattacks by managing the lifecycle of non-human workers - Help Net Security

The number of non-human workers is growing, particularly as global organizations increasingly prioritize cloud computing, DevOps, IoT devices, and other digital transformation initiatives. Yet, organizations frequently only apply access controls to humans (employees, contractors, etc.), despite the risks associated with cyberattacks and data breaches linked to non-human workers and their privileged access to sensitive information.



Further, when a human worker leaves an organization, the organization generally has set processes to revoke that employee’s access to systems and data, eliminating the risk that access to these systems and data remains available.


But what happens when a non-human worker is no longer needed? For many organizations, often that non-human worker’s access privileges remain intact. This presents opportunities for cybercriminals to exploit the orphaned accounts for unauthorized access and initiate cyberattacks.


Organizations must track and manage the lifecycle approach to non-human workers. Otherwise, cybercriminals can launch cyberattacks that wreak havoc across an organization.


With the proper approach to the monitoring and management of the lifecycle of non-human workers, organizations can improve operational efficiencies while at the same time reducing the attack surface and stopping cyberattacks, data breaches, and compliance issues associated with these entities and their access.


Service accounts


A service account is generally used in operating systems to execute applications or run programs. It can also be utilized to launch programs on Unix and Linux. Service accounts belong to specific services and applications rather than end-users.


Common types of service accounts include (among others):


Administrative (e.g., that provide access to local hosts or instances or all workstations and servers across a specified domain)
Application (e.g., that let applications access databases, perform batch jobs ..