I am looking for information on the security of an account trusted for delegation. We would like to use one for communication between IIS and SQL but are debating it due to it having the ability to impersonate accounts. How safe is this? What is there to prevent this account from being an exploit into our network? It is only being used for an intranet site but security risks are being evaluated before using this method.