In computing, “Break Glass” is the act of checking out a system account password to bypass normal access control procedures for a critical emergency. This provides the user immediate access to an account they may not normally be authorized to access. This method is generally used for highest-level system accounts such as root accounts for Unix or SYS/SA for a database. These accounts are highly privileged and break glass limits them by the password time duration, with the aim of controlling and reducing the account’s usage to only when necessary to complete a certain task.
source: https://www.beyondtrust.com/blog/entry/provide-security-privileged-accounts-with-break-glass-process
No comments:
Post a Comment