Orphaned User Accounts Are a Bigger Risk Than We Realize
by Jeff Widman on December 19, 2008

A friend of mine who recently switched jobs.

I receive my fair share of PR pitches for surveys, analyst reports, and experts offering their opinion. Mostly, I pass–I prefer to post news, not opinions.

But with over 100,000 tech employees laid off recently, this survey about orphaned user accounts–accounts left active when an employee moves on–seemed particularly timely.

Risk = probability × consequences. While the probability of someone maliciously accessing data seems low, 15% of the respondents reported this happening. And the consequences can be serious.

Symark International surveyed more than 850 security, IT, HR and C-level executives across all industries.

Highlights:

42 percent of businesses do not know how many orphaned accounts exist within their organization.

30 percent of respondents said they have no procedure in place to locate orphaned accounts.

Approximately 27 percent of respondents said that more than 20 orphaned accounts currently exist within their organization.

More than 30 percent of respondents said it takes longer than three days to terminate an account after an employee or contractor leaves the company, while 12 percent said it takes longer than one month.

More than 38 percent of respondents said that they had no way of determining whether a current or former employee used an orphaned account to access information, while 15 percent said that this has occurred at least once.

More details.

Comments

  • Interesting stats, but would you mind removing the poor little child’s photo?

  • The photo is in poor choice. I actually feel uncomfortable reading the article looking at the photo.

  • My apologies.
    Did not mean at all to tread on deeper threads.

    I removed the photo of the orphan, and replaced it with a photo of a friend. Yesterday he switched jobs, so a classic case study of orphaned user accounts.

  • One thing seem to have left out (intentionally or otherwise) is what happens to the information in the orphaned account.

    Handover procedures are more often than not a formality in organizations, it’s this information that should be really handed over.

    Of course there are costs - time, analytics required.
    Complicated, but interesting meme I’d say.
