Definition
Highly-privileged account reserved for emergency use — disaster recovery, lockout recovery, after-hours critical incidents. Strictly controlled: kept in sealed vault, checkout requires multi-party approval, every use is alerted to security team, post-use review mandatory.
- Application
- MidPoint: Emergency account is an account (digital identity in information system) used for emergency operations in information systems.
- Standards & regulations
-
- NIST SP 800-53 Rev. 5 «Organizations establish **emergency accounts** in response to crisis situations and with the need for rapid account activation. The organization: a. Establishes and administers temporary and emergency»
- NIST SP 1800-18 (Draft) «Privileged accounts include local and domain administrative accounts, **emergency accounts**, application management, and service accounts.»
- Sources
-
- NIST SP 800-53 Rev. 5 (csrc.nist.gov) primary source
Related terms
-
Privileged Account (PA)
Account with elevated rights to administer systems, modify configurations, access sensitive data, or bypass standard con …
-
Shared Account
Account credentials shared by multiple users — historically common for break-glass scenarios or systems without per-user …
-
Bastion Host
Hardened gateway server providing controlled access to internal systems — users connect to bastion, then jump to target …
-
Just Enough Administration (JEA)
PowerShell capability (and broader IAM principle) restricting administrative actions to the minimum command-set required …
-
Privileged Session Management (PSM)
PAM capability that records, monitors, and analyzes sessions involving privileged credentials — SSH sessions to servers, …
-
Access Control (AC)
Mechanism that determines whether a principal is permitted to perform a specific action on a specific resource. Includes …