Service Account


Service Account (or Application Accounts) are a Digital Identity that is used by an application or services to interact with the other Applications or the Operating System.

Service Account may be a Privileged Identity within the context of the application. Local Service Accounts may interact with a variety of Operating System components which makes coordinating Password Changes difficult. This challenge usually means the passwords are rarely changed – representing a significant Security Consideration across an Organizational Entity.

Service Account used by applications to access databases, run batch jobs or scripts, or provide access to other applications. These Privileged Identity usually have broad access to underlying company data Stores that resides in applications and databases. Passwords for these accounts are often embedded and stored in Plaintext files, a vulnerability that is replicated across multiple servers to provide greater fault tolerance for applications. This vulnerability represents a significant risk to an organizational Entity because the applications often host the exact data that Advanced Persistent Threats consider as an Item of Interest.

Service Account are a Non-person entity Digital Identity and may be shared

Service Account Google Cloud Platform [1]#

A Service Account on Google Cloud Platform is an account that belongs to your application instead of to an individual end-User. A Service Account is used in an application that calls APIs on behalf of an application that does not access user information. This type of application needs to prove its own identity, but it does not need a user to authorize prequests].

For example, if your Google Cloud Project employs server-to-server interactions such as those between a web application and Google Cloud Storage, then you need a Private Key and other Service Account credentials.

More Information#

There might be more information for this subject on one of the following: