As organizations grow and people come and go, we find that accounts are sometimes left in an active state well after the employee (contractor, vendor, volunteer, student, etc) has gone. A full featured Identity Management solution will deal with most of these issues as long as the defined business processes are followed but best-practice dictates that validation mechanisms also be deployed to ensure policy enforcement.
Identity Automation’s Account Validation Solution can identify Stale accounts in Active Directory and other LDAP Directories by:
- Last login date
- Comparing the directory to a source of valid users
When Stale accounts are identified, a report can be emailed to appropriate staff members and automatic action can be taken such as disabling, moving or deleting the accounts.
Identity Automation’s Account Validation Solution can also look for the presence of rogue administrative accounts that may be created by IT staff who may have malicious intentions or may be trying to work-around tight governance controls such as a Privileged Management solution. When a rogue account is identified the account can be disabled, moved or deleted and other important data such as the account creation date/time can be emailed to appropriate staff members.
Implementing Account Validation in conjunction with your Identity Lifecycle Management Solution (e.g. Identity Management) and Privileged User Management Systems is an excellent best practice approach to ensuring that your organization is taking all the necessary steps to ensuring compliance and decreasing the risk of unauthorized data access.
If you would like to be contacted by a Sales Representative, please submit your contact information and we will contact you as quickly as possible.