We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.
No ratings
SAgrahari
Saviynt Employee
Saviynt Employee

Short Description - Orphan accounts can pose a serious security challenge for your organization. They are unattended , disown accounts who might have sensitive access assigned to them. We need to regular monitoring and appropriate handling of these accounts to mitigate the security risk.

Applicable version - All versions

Detailed best practice -

Continuous monitoring -  Saviynt provides out of the box Control to monitor orphan accounts across the systems. We should utilize and monitor orphan account reports to keep a track on unattended account in the systems. The orphan account reports should be scheduled to run on periodic interval which is aligned with your organization's compliance needs.

Remediation Action -

  • Map Orphan Accounts - Saviynt's Actionable controls provide an action to manage orphan account. The action is called - 'Map Orphan Accounts'. This action can be used to map the orphan accounts which are reported in Orphan account reports to a valid user/owner.
  • Recertify - The regular certification/ campaign should include orphan accounts and an admin needs to review the access assigned to orphan accounts. If the orphan account can not be mapped to valid identity and access can not be justified, we should revoke the account and associated access.
  • De-Activate Account - Every orphan account needs to be owned by a valid owner/user. If a user to account link can not be established the admin can take a decision to  Deprovision Account/ Disable Account. These Actions can be taken from Actionable Orphan account report.

Reference documentation (doc portal link) - https://docs.saviyntcloud.com/bundle/EIC-Admin-v2021x/page/Content/Chapter02-Identity-Repository/Man...

Impact - Key benefits - Quantitative/qualitative benefits

  1. Reduce organization risk by mitigating unattended/un-owned access
  2. Keep your system clean and stay clean
  3. Continually monitor your risk caused by Orphan accounts
Version history
Last update:
‎06/16/2023 02:59 AM
Updated by: