The Misery of Orphan Accounts
There’s much more to know about orphan accounts than may appear at first glance. Let’s consider the following simplified scenarios:
Scenario 1. The aborted recruitment
You recruit Alice for a job in the Accounting department.
Bob is responsible for the administration of the Accounting system. He is notified of Alice’s arrival and configures her user account with the default password “welcome”. Mistakenly, he believes his process is secure because he ticked the “user must change password at next login” checkbox in the system, a control that only takes effect once somebody actually logs in.
But oops, Alice changes her mind and picks another job.
Nobody tells Bob to delete Alice’s user account because she never resigned from the organization. This is now an orphan account: it just stays there, forever, in the Accounting system, with its default password intact. For Eve, the infamous hacker, this orphan account is low-hanging fruit to compromise.
Scenario 2. The former employee
Your Sales department decides to use a popular and colorful gadget cloud application to manage its sales pipeline. It uses single-factor password authentication.
Eve worked for your organization as a sales representative. She leaves the company and starts a new position with a competitor.
The lousy leaver process in your organization fails to revoke her access in the gadget cloud app because the IAM team wasn't even aware of its existence.
Eve can’t help but succumb to the temptation to keep on using the colorful sales pipeline app. With this orphan account, she gains an (illegal) competitive edge and offers aggressive discounts to your most promising prospects.
Orphan accounts undermine security
These were just two simplified examples to illustrate some of the many ways orphan accounts may stealthily accumulate and lurk in your information system.
Orphan accounts are defined as digital identities that are not owned by an active and legitimate entity. They represent a serious security risk.
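As an added example (not from the article or the Open-Measure dictionary), the following Python reconciliation check turns this definition into a detection routine: each application account is matched against the HR record of its owner, and accounts whose owner is missing or no longer active are reported, together with never-used accounts whose initial password the “change at next login” flag has not yet forced out (Scenario 1). All names, statuses and dates are constructed sample data.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

@dataclass
class Person:
    person_id: str
    status: str  # "active", "withdrawn" (accepted offer, then declined), "left"

@dataclass
class AppAccount:
    username: str
    owner_id: Optional[str]     # HR person id mapped to this account; None = unmapped
    created: date
    last_login: Optional[date]  # None = never logged in, initial password still in place

def find_orphans(accounts, people, today, dormant_days=30):
    """Return {username: reason} for accounts that fail the ownership check.

    An account is an orphan when its HR owner is missing or not active.
    An account that was never logged into is also reported once it is older
    than dormant_days, because the 'must change password at next login'
    flag has not fired and the default password is still valid.
    """
    by_id = {p.person_id: p for p in people}
    findings = {}
    for acct in accounts:
        owner = by_id.get(acct.owner_id) if acct.owner_id else None
        if owner is None:
            findings[acct.username] = "no active owner: not mapped to any HR record"
        elif owner.status != "active":
            findings[acct.username] = f"no active owner: HR status is '{owner.status}'"
        elif acct.last_login is None and (today - acct.created).days > dormant_days:
            findings[acct.username] = "never used: initial password still valid"
    return findings

# Constructed sample data mirroring the two scenarios in the article.
PEOPLE = [Person("P1", "withdrawn"), Person("P2", "left"), Person("P3", "active")]
ACCOUNTS = [
    AppAccount("alice", "P1", date(2021, 3, 1), None),                # aborted recruitment
    AppAccount("eve", "P2", date(2019, 6, 15), date(2021, 9, 30)),    # former employee
    AppAccount("carol", "P3", date(2020, 1, 10), date(2021, 10, 1)),  # legitimate, active
    AppAccount("svc_export", None, date(2018, 5, 5), date(2021, 10, 1)),  # nobody owns it
    AppAccount("dave", "P3", date(2021, 1, 1), None),                 # created, never used
    AppAccount("frank", "P3", date(2021, 9, 25), None),               # new, still within window
]

def run_sample(today=date(2021, 10, 2)):
    return find_orphans(ACCOUNTS, PEOPLE, today)

if __name__ == "__main__":
    for user, reason in run_sample().items():
        print(f"{user}: {reason}")
```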
The following conceptual diagram gives a high-level view of the key components of this concept:
To learn more about orphan accounts, I invite you to read the new Orphan Account entry that is freely available on the Open-Measure dictionary:
Very useful
Technical Consultant at Wipro || Ex-IBMer (3y)
Well Explained
IAM - Information Security (CIAM, CIGE, CAMS & CIMP) (3y)
Thanks for sharing, indeed a good article. In my view, if we have an identity governance solution placed structurally end to end across access management, there is no possibility of having orphan accounts.
Cyber Security and IAM (3y)
Thanks David, this inspires me to recreate a version of this diagram for SSH keys.
AVP Information Technology Cyber Security IAM @ State Street | Strategic Cybersecurity Leader with IAM Expertise (3y)
Thanks for sharing