Privileged Password Sharing: "root" of All Evil

by J. Michael Butler
Sept. 1, 2017 0 comments SANS Institute system administration

Privileged accounts are difficult to manage in any enterprise running multiple distributed operating systems and versions of those systems. The more disparate the systems, the larger the problem. Take, for example, an environment that has HP UX, Red Hat Linux, IBM AIX, mainframes, Active Directory, Windows 2003 Server, Windows 2008 Server, and a few other odds and ends. How can one administrator provision and keep track of every privileged user on every system? For that matter, how can a team of administrators control who is doing what, on which server, and to what end?

https://www.sans.org/reading-room/whitepapers/analyst/privileged-password-sharing-root-evil-35195