Remove inactive accounts periodically
Summary
The organization must remove inactive user accounts periodically (purging).
Description
Inactive user accounts that remain in a system are a security risk. If they have not been properly deactivated or removed, they can become targets for unauthorized access or exploitation by malicious actors, since nobody is watching them and their credentials may never be rotated.
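The following is an added example, not part of the original requirement text: a periodic dormancy sweep over a constructed directory export. It uses the 90-day inactivity threshold that the PCI DSS 8.2.6 reference on this page names; the two-stage flow (disable first, purge after a further grace period), the 180-day grace value, the account names and the exemption list are assumptions made for the illustration. Accounts that have never logged in are measured from their creation date, which is the case a last-login-only check misses.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

# Dormancy threshold in days. The 90-day figure is the PCI DSS 8.2.6 value cited
# on this page; the 180-day grace period before a disabled account is purged is
# an assumed operational value for this example, not one the page states.
INACTIVITY_DAYS = 90
PURGE_GRACE_DAYS = 180


@dataclass(frozen=True)
class Account:
    username: str
    created: date
    last_login: Optional[date]  # None means the account never authenticated
    enabled: bool


def days_idle(acct: Account, today: date) -> int:
    """Days since the account was last used.

    An account that has never logged in is measured from its creation date;
    a check that only looks at last_login would let such accounts linger forever.
    """
    reference = acct.last_login if acct.last_login is not None else acct.created
    return (today - reference).days


def plan_sweep(accounts, today, exempt=frozenset(),
               inactivity_days=INACTIVITY_DAYS, purge_grace_days=PURGE_GRACE_DAYS):
    """Classify accounts for one periodic sweep.

    Returns a dict of sorted username lists:
      disable - enabled accounts idle longer than inactivity_days
      purge   - already-disabled accounts idle longer than inactivity_days + purge_grace_days
      exempt  - accounts skipped via the exemption list; they are reported so the
                list itself is reviewed each run rather than silently trusted
    """
    plan = {"disable": [], "purge": [], "exempt": []}
    for acct in accounts:
        if acct.username in exempt:
            plan["exempt"].append(acct.username)
            continue
        idle = days_idle(acct, today)
        if acct.enabled and idle > inactivity_days:
            plan["disable"].append(acct.username)
        elif not acct.enabled and idle > inactivity_days + purge_grace_days:
            plan["purge"].append(acct.username)
    return {action: sorted(names) for action, names in plan.items()}


# Constructed sample directory export: every account and date here is invented.
SAMPLE_TODAY = date(2024, 6, 1)
SAMPLE_ACCOUNTS = [
    Account("alice", date(2023, 3, 1), date(2024, 5, 20), enabled=True),   # active
    Account("bob", date(2022, 9, 1), date(2024, 1, 15), enabled=True),     # 138 days idle
    Account("carol", date(2024, 1, 1), None, enabled=True),                # never logged in
    Account("dave", date(2021, 1, 1), date(2023, 6, 1), enabled=False),    # disabled, 366 days idle
    Account("erin", date(2023, 8, 1), date(2024, 4, 1), enabled=True),     # 61 days idle
    Account("frank", date(2022, 1, 1), date(2024, 1, 1), enabled=False),   # disabled, still in grace
    Account("svc-backup", date(2020, 1, 1), date(2023, 1, 1), enabled=True),  # exempted service account
]
SAMPLE_EXEMPT = frozenset({"svc-backup"})

if __name__ == "__main__":
    for action, names in plan_sweep(SAMPLE_ACCOUNTS, SAMPLE_TODAY, SAMPLE_EXEMPT).items():
        print(f"{action}: {', '.join(names) or '-'}")
```

Running the sweep on a schedule and feeding the `disable` and `purge` lists into the identity provider's own tooling is the operational half; the exemption list should be short, owned, and reviewed on the same cadence, because a service account that is exempt from the sweep is exactly the kind of dormant credential the requirement is about.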
References
- CIS-5_3. Disable dormant accounts
- NIST80053-AC-2_3. Disable accounts
- NIST80053-AC-2_10. Shared and group account credential change
- NIST80053-AC-2_13. Disable accounts for high-risk individuals
- SOC2-CC6_5. Logical and physical access controls
- CMMC-AC_L2-3_1_10. Session lock
- CMMC-IA_L2-3_5_6. Identifier handling
- FEDRAMP-AC-2_3. Account management - Disable inactive accounts
- ISSAF-Q_16_20. Host security - Windows security (local attacks)
- ISSAF-U_9. Web application SQL injections - Bypass user authentication
- OWASPRISKS-P6. Insufficient deletion of personal data
- OWASPSCP-5. Access control
- C2M2-4_1_c. Establish identities and manage authentication
- C2M2-4_1_f. Establish identities and manage authentication
- C2M2-4_1_j. Establish identities and manage authentication
- PCI-2_2_2. System components are configured and managed securely
- PCI-8_2_6. Inactive user accounts are removed within 90 days of inactivity
- SIG-H_2_3. Access control
- FISMA-AC-2_3. Disable accounts
- FISMA-AC-2_10. Shared and group account credential change
- FISMA-AC-2_13. Disable accounts for high-risk individuals
Weaknesses
Supported In
This requirement is verified in the following services
Essential Plan
Advanced Plan