Orphan accounts, adopt or kill?!

The most critical thing to do is a complete review of the orphan accounts, bringing them under proper governance and control. I have seen many organizations attempt this and reach a clean state of accounts, but then lose track of it again.

I would like to suggest a 4-step approach that can help produce results.

1. Gather contextual data about these accounts: when was each created, last modified and last used, from where, and when was its password last changed? These details can yield helpful insight into what the accounts are for.

2. Run a focused campaign across the organization in which users can claim ownership of these accounts, presenting the contextual information gathered in the previous step alongside each account.

3. Establish the user-to-account relationship wherever ownership is identified, and plan the phased suspension and revocation of the accounts whose ownership can't be identified.

4. Establish a specific access governance model for these accounts. Any new request to create, modify or remove such an account should be controlled through this process.
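The four steps above, carried through on a small directory extract, as an added example (this is not Paul's code, and it is not tied to any particular IAM product). The accounts, dates and campaign responses are constructed sample data; the 180-day idle threshold that decides which unclaimed accounts are suspended first, and the three fields the governance check demands (owner, justification, expiry), are assumptions for illustration.

```python
"""Orphan-account triage: gather context, apply campaign claims, plan a phased
suspension, and gate new requests behind a governance check.

All account names, timestamps and claims are constructed sample data.
"""
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)  # fixed clock so results are reproducible


def d(y: int, m: int, day: int) -> datetime:
    """Shorthand for a UTC timestamp in the sample data."""
    return datetime(y, m, day, tzinfo=timezone.utc)


@dataclass
class Account:
    name: str
    created: datetime
    last_modified: datetime
    last_used: Optional[datetime]   # None means no logon was ever recorded
    last_source: Optional[str]      # host or address of the last use, if known
    password_changed: datetime


def gather_context(acct: Account, now: datetime = NOW) -> dict:
    """Step 1: turn the post's questions (created? modified? used? from where?
    password changed?) into comparable numbers for one account."""
    def age(ts: Optional[datetime]) -> Optional[int]:
        return (now - ts).days if ts else None
    return {
        "name": acct.name,
        "age_days": age(acct.created),
        "modified_days": age(acct.last_modified),
        "idle_days": age(acct.last_used),          # None if never used
        "password_age_days": age(acct.password_changed),
        "last_source": acct.last_source,
        "never_used": acct.last_used is None,
    }


def run_claim_campaign(contexts: list, claims: dict) -> dict:
    """Step 2: map each account to the user who claimed it in the campaign.
    `claims` is {account_name: claimant}; unclaimed accounts map to None."""
    return {c["name"]: claims.get(c["name"]) for c in contexts}


def plan_disposition(contexts: list, ownership: dict, idle_threshold_days: int = 180) -> dict:
    """Step 3: claimed accounts are adopted under their owner; unclaimed ones are
    scheduled for suspension in phases, the clearly dead ones first (assumed policy)."""
    plan = {}
    for c in contexts:
        owner = ownership.get(c["name"])
        if owner:
            plan[c["name"]] = ("adopt", owner)
        elif c["never_used"] or c["idle_days"] > idle_threshold_days:
            plan[c["name"]] = ("suspend_phase_1", None)   # long idle: suspend first
        else:
            plan[c["name"]] = ("suspend_phase_2", None)   # recently active: notify, then suspend
    return plan


def governance_check(request: dict, now: datetime = NOW) -> tuple:
    """Step 4: a create/modify/remove request for such an account must name an
    owner, give a justification and carry a future expiry (assumed minimum)."""
    missing = [f for f in ("owner", "justification", "expires") if not request.get(f)]
    if missing:
        return (False, "missing: " + ", ".join(missing))
    if request["expires"] <= now:
        return (False, "expiry must be in the future")
    return (True, "ok")


# Constructed directory extract: four accounts with no current owner on record.
SAMPLE_ACCOUNTS = [
    Account("svc-backup",     d(2019, 1, 10), d(2023, 11, 2), d(2024, 5, 30), "10.0.0.12", d(2022, 3, 1)),
    Account("svc-legacy",     d(2017, 4, 3),  d(2020, 8, 19), d(2021, 6, 15), "10.0.0.40", d(2019, 9, 9)),
    Account("tmp-contractor", d(2023, 2, 1),  d(2023, 2, 1),  None,           None,        d(2023, 2, 1)),
    Account("svc-report",     d(2022, 7, 7),  d(2024, 1, 15), d(2024, 3, 1),  "10.0.1.7",  d(2023, 12, 1)),
]
# Constructed campaign responses: only one account was claimed.
SAMPLE_CLAIMS = {"svc-backup": "ops-team"}


def triage(accounts=SAMPLE_ACCOUNTS, claims=SAMPLE_CLAIMS) -> dict:
    """Run steps 1 to 3 end to end and return the per-account disposition."""
    contexts = [gather_context(a) for a in accounts]
    ownership = run_claim_campaign(contexts, claims)
    return plan_disposition(contexts, ownership)


if __name__ == "__main__":
    for name, (action, owner) in triage().items():
        print(f"{name:16} {action:16} {owner or '-'}")
```

The phase split is deliberately conservative: an account that has never logged in, or has been idle well past the threshold, is unlikely to break anything when suspended, so it goes first; an unclaimed account that was used recently is the one most likely to belong to a running process nobody admitted to, so it gets a notification window before suspension.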

~ Paul

