User managed service accounts with user-managed keys

Data protection

User managed service accounts with user-managed keys

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCPA
CPRA
Data Security Posture Management (DSPM) Best Practices
GCP CIS
GDPR
HITRUST
iso_27001_2022
iso_27002_2022
Mitre ATT&CK
mpa
New Zealand Information Security Manual
NIST 800-53
PDPA
UK Cyber Essentials

Description

User managed service accounts should not have user-managed keys. User-managed keys can be easily leaked by common development malpractices like checking keys into the source code or leaving them in the Downloads directory, or accidentally leaving them on support blogs/channels. It is recommended to prevent user-managed service account keys.

User managed service accounts with user-managed keys

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS