Enable javascript in your browser for better experience. Need to know to enable it? Go here.
radar blip
radar blip

Service account rotation approach

Published : Apr 13, 2021
NOT ON THE CURRENT EDITION
This blip is not on the current edition of the Radar. If it was on one of the last few editions, it is likely that it is still relevant. If the blip is older, it might no longer be relevant and our assessment might be different today. Unfortunately, we simply don't have the bandwidth to continuously review blips from previous editions of the Radar. Understand more
Apr 2021
Adopt ? We feel strongly that the industry should be adopting these items. We use them when appropriate on our projects.

We strongly advise organizations to make sure, when they really need to use cloud service accounts, that they are rotating the credentials. Rotation is one of the three R's of security. It is far too easy for organizations to forget about these accounts unless an incident occurs. This is leading to accounts with unnecessarily broad permissions remaining in use for long periods alongside a lack of planning for how to replace or rotate them. Regularly applying a cloud service account rotation approach also provides a chance to exercise the principle of least privilege.

Download Technology Radar Volume 29

English | Español | Português | 中文

Stay informed about technology

 

Subscribe now

Visit our archive to read previous volumes