I’m interested in opinions on acceptable practices for granting and monitoring privileged accounts in use in client-server/discretionary access based systems. In Mainframe/midrange it seems like this is much easier to control. I have my own opinions but am looking for some validation or points I haven’t thought of.
