A privileged account is a user account that has more privileges than ordinary users. Privileged accounts might, for example, be able to install or remove software, upgrade the operating system, or modify system or application configurations. They might also have access to files that are not normally accessible to standard users.
There are many kinds of privileged accounts:
- Root and administrator accounts are typically used for installing and removing software and changing configuration. They are superuser accounts.
- Service accounts are used for running processes, such as web servers, database servers, and application servers.
- System accounts are used for running operating system components and owning related files.
Privileged access management (PAM) refers to a set of processes and tools for controlling, monitoring, and auditing privileged access. Traditional PAM solutions are typically based on password vaults and password rotation, whereas modern next generation systems avoid passwords altogether.