Applications often need to connect to other applications or services on the network to function. For example, a web application may have to connect to one or more databases to retrieve or update data, to web services to initiate transactions, to a directory to create or update user objects, etc.
When an application connects to a network service, it uses credentials -- normally an ID and password -- to do so. This raises some questions about password management:
- Where is the password used by an application to sign into a network service stored?
- Does the password ever change?
- How is the stored password protected against compromise?
A privileged access management system must be able to address these questions.