{"id":4159,"date":"2019-01-15T12:14:47","date_gmt":"2019-01-15T16:14:47","guid":{"rendered":"https:\/\/solutionsreview.com\/identity-management\/?p=4159"},"modified":"2019-01-15T12:14:47","modified_gmt":"2019-01-15T16:14:47","slug":"want-better-identity-management-remove-your-orphaned-accounts","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/identity-management\/want-better-identity-management-remove-your-orphaned-accounts\/","title":{"rendered":"Want Better Identity Management? Remove your Orphaned Accounts"},"content":{"rendered":"

\"Want<\/p>\n

While the name may appear adorable – like a digital Oliver Twist – orphaned accounts resemble Bill Sikes more than a ruddy-cheeked street urchin. <\/span><\/p>\n

\t\t\t

\"Download<\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/p>\n

You shouldn\u2019t consider orphaned accounts as just another contributor to your enterprise\u2019s network and active directory clutter. They could, can, and do represent potentially damaging attack vectors into your enterprise\u2019s IT environment. Orphaned accounts could allow hackers or insider threats to conceal their malicious activities for months, if not years.<\/span><\/p>\n

Why do orphaned accounts pose such a threat? What can you and your IT security team do to find and remove them? <\/span><\/p>\n

Here are some of our favorite suggestions: <\/span><\/p>\n

How Accounts Become Orphaned Accounts<\/b> \u00a0<\/span><\/h3>\n

Understanding how orphaned accounts come into being must serve as the first step to preventing them from damaging your network and databases. What distinguishes accounts from orphaned accounts. \u00a0\u00a0<\/span><\/p>\n

The account forms the core of all of your users\u2019 identities. These accounts contain all the necessary identifying and supplemental data your network needs to authenticate your users in their day-to-day capacities. As such, accounts can contain usernames, legal names, passwords, phone numbers, emails, and more. The diversity of information embodied in an account can pose a threat on its own. <\/span><\/p>\n

Your IT team creates new accounts every time an employee or administrator joins your enterprise. This should come as no surprise; \u00a0without a relevant account, your employees wouldn\u2019t be able to perform their everyday digital duties. Logically, your IT team would remove these accounts once the employees or administrators in question leave the enterprise for whatever reason. <\/span><\/p>\n

Except, in reality, you can\u2019t always rely on your IT security team to remove the accounts at the end of their life-cycles. Everyday cybersecurity demands, constant workloads, and professional burnout combine to allow accounts to remain long after the deprovisioning process. Sometimes, the size of the enterprise network conceals old accounts from discovery. <\/span><\/p>\n

In short, these accounts linger on, abandoned both by their original owner and any other valid user. These become orphaned accounts. <\/span><\/p>\n

Why Orphaned Accounts Pose a Serious Risk<\/b><\/h3>\n

Orphaned accounts have no valid user, but they still exist in the network and have valid credentials. <\/span><\/p>\n

Therefore, they can still access resources like email and application logins. In cases of orphaned accounts from privileged users, these rogue credentials could continue to access proprietary or private data. <\/span><\/p>\n

Thus. if an external or internal threat actor was so inclined and could find the accounts lingering on the network, they could weaponize these orphaned accounts. In fact, with a legitimate but unclaimed account, the possibilities of what a hacker could do on your network prove overwhelming. A threat actor could, with orphaned accounts: <\/span><\/p>\n