Inactive microsoft account4/6/2024 The more keys (or accounts) you can remove from circulation, the more secure your kingdom is. A key (or account) could topple your entire kingdom, as other kingdoms or bandits (malicious actors) want to get into your kingdom to steal anything of value. Each account that is given out or created is a member of your kingdom that has keys to the city. Think of it this way imagine you run a kingdom in medieval times. Payment Card Industry Data Security Standard (PCI DSS), version 3.2.1 – Requirement 8.1.4: Remove/disable inactive user accounts within 90 days.4 – AC-2(3): The information system automatically disables inactive accounts after the organization-defined time period. National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, Rev.Best practices and standards require that these accounts are removed or disabled within a set amount of time: When stale accounts are unknown to an organization or unmonitored, a malicious actor can compromise one and remain hidden to IT staff. It is also not uncommon for these stale accounts to have the original default password set. Each one of these accounts offers a malicious actor an opportunity to gain access to resources. Stale accounts pose a security risk to organizations. Inactive accounts or accounts that have never logged in to a machine are also known as “stale” user accounts.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |