The utilization of always-on privileged accounts has been the default mode for administrative access for the last 40 years. However, always-on access or persistent administrative credentials (referred to by most analysts as “standing privileges”) represent a massive risk surface as it means the privileged access, rights, and permissions are always on and ready to be exercised—for both legitimate and illicit purposes. And, this risk surface is rapidly exploding alongside the growing use of virtual, cloud, IoT, and DevOps environments in our ever-expanding privilege universe. Of course, cyber threat actors are well aware of what is essentially the overprovisioning of privileges via the always-on and persistent model. With always-on privileged access in hand, a threat actor essentially becomes a malicious insider, and that’s an alarming scenario for anyone.