System ID Management

Overview
A system ID (also known as a service account) is primarily used for purposes such as automation and authenticating system or application resources or services, to name a few. System IDs are differentiated from User IDs in that they are "faceless", but they must still be uniquely identified, tracked and associated with an appropriate individual or information resource.

Guidelines
System IDs, as with User IDs, should have an owner who is an employee and is accountable for their usage. In addition, unique System IDs should be used for production and non-production environments (e.g. development, test, etc.) and should not span different environments.

Default IDs provided by vendor systems, applications or devices should also be disabled or removed before implementation. Default System Administrator IDs used for accessing operating systems (e.g. the Windows "Administrator" account) should also be renamed and carefully controlled, logged and monitored to ensure accountability for their usage.

System IDs may be shared, but only if carefully controlled. For example, consideration should be given to a password "vault" or other access control solution that includes built-in controls for access authorization, audit logging of account "check-out/check-in" for better accountability, and password changes and controls, to name a few.

Please see the topics "Access Control" and "User ID Management" for additional guidance related to Identity and Access Management.

Topic Category
Access Control
 
News Articles
Clinton campaign chief’s Twitter, iCloud accounts hijacked (www.helpnetsecurity.com, 10/14/2016)
Sage suffers data breach from insider (www.scmagazine.com, 8/15/2016)
Report: Target Hackers Used Default Vendor Credentials; Justice Dept. Investigating (threatpost.com, 1/30/2014)
Policies
System ID Management Policy