Term · 10. Account Types

Privileged Account (PA)

IDM/IGA Domain

Definition

Account with elevated rights to administer systems, modify configurations, access sensitive data, or bypass standard controls. Examples: domain admins, root users, cloud admin roles, service accounts with admin scope. Primary target of attackers — compromise yields lateral movement and persistence.

Application

Subject to PAM controls: vaulting, session recording, MFA enforcement, JIT access, separation from regular user accounts. Required protections per PCI DSS, HIPAA, SOX, ISO 27001 A.9, NIST SP 800-53 AC family.

Standards & regulations

  • NIST SP 800-53 Rev. 5 «Privileged accounts include local and domain administrative accounts, emergency accounts, application management, and service accounts.»
  • NIST SP 800-53 Rev. 5 (IA-2(1)) «Implement multifactor authentication for access to privileged accounts.»
  • NIST SP 1800-18 (Draft) «Privileged accounts are used to access and manage an organization’s information assets and systems. Often described as the ‘keys to the kingdom,’ privileged accounts can provide elevated, sometimes un»
Sources