Many companies we speak to admit they do not have a sound deprovioning process. Accounts can stay in Active Directory for employees no longer with the company putting security at risk. In the past, we have talked about how this is true in our experience. An ex-employee of yours may join your competitor and still maintain access to your intranet at the same time. Consequently, they could cause quite a lot of damage to your company.
Validation of Our Experience
Recently, a cloud-based company OneLogin did a survey of over 500 IT decision-makers. (OneLogin has, unfortunately, at the time of this writing, had recent security problems of their own. Our sympathy goes out to them with these issues related to risks putting directory information out in the cloud.) These folks in the survey indicated that half of their ex-employees still have access to their corporate intranet. This is another validation of what we have experienced with our prospects. Especially relevant is the fact that these IT folks know their company has a problem but do not have a solution in place.
A Solid Software Solution
It’s important to combat this problem by considering what a good Identity and Access Management (IAM) solution can do. It’s therefore good to know what to expect from a system with regards to deprovisioning. Armed with this education, deploy a solution like Web Active Directory’s PeoplePlatform in the cloud or on premise (more safely behind your firewall) to provide an automated software solution to combat the deprovisoning security problem. Most of all, whatever you do, consider if this is a problem for your organization and take steps to combat it.