Platform
- Platform Overview
  Platform Overview
  Universal Non-Human Identity security Platform
- Visibility
  Visibility
  Automatically discover and correlate all NHIs with a contextualized inventory
- Detection & Response
  Detection & Response
  Immediately detect suspicious NHI behavior and respond to breaches
- Lifecycle Management
  Lifecycle Management
  Effortlessly manage the NHI lifecycle and address governance gaps
- Zero Trust Protection
  Zero Trust Protection
  Proactively shield your organization
- Posture & Risk Management
  Posture & Risk Management
  Immediately detect suspicious NHI behavior and respond to breaches
Integrations
Resources
- Blog
  Blog
  Expert insights on NHI security
Learn
- Debunking Rotation
  Debunking Rotation
  Research demonstrating how quickly leaked NHIs are exploited
- NHI Risk Library
  NHI Risk Library
  Understand NHI risks and how to mitigate them
- Principles
  Principles
  Clutch's approach to addressing NHI challenges
- NHI Scope Calculator
  NHI Scope Calculator
  Quickly assess your organization's NHI footprint
Community
- NHI Index
  NHI Index
  Comprehensive industry mapping of NHIs
- Federator
  Federator
  Open-source tool for automating cloud federation setup
- AWS Key Lockdown
  AWS Key Lockdown
  Open-source tool for instantly revoke exposed AWS access keys
- VSCode extension
  VSCode extension
  A VSCode extension that scans the workspace for secrets using Gitleaks
Company
- About Us
  About Us
  Who we are and why we built Clutch
- Join the Team
  Join the Team
  Explore career opportunities
- News and Events
  News and Events
  Stay informed about everything that's happening
- Trust Center
  Trust Center
  Customer security is our top priority
- Contact Us
  Contact Us
  Let us know how we can help

Active Identity of Departed Employee

Risk Category

Lifecycle Management

Risk Description

When an employee leaves an organization, the NHIs associated with them may remain active within systems if not properly deactivated. This includes access to sensitive applications, cloud platforms, and internal resources.

Why It’s a Risk

If these identities are not immediately revoked, they can be exploited by malicious actors, leading to unauthorized access to systems. Former employees with lingering access could intentionally or unintentionally expose data or compromise system integrity, posing severe financial, operational, and reputational damage.

Likelihood of Occurrence

HIGH

High, especially if offboarding processes are not automated or routinely audited.

Impact Level

HIGH

High, as it can lead to unauthorized access, data breaches, and potential insider threats.

Mitigation Strategy

Implement continuous NHI monitoring and lifecycle management to ensure timely deactivation of credentials immediately after employee offboarding. Regular audits and enforcing a Zero Trust model validate all access requests, preventing any unauthorized access by former employees.

Playbooks in Clutch

110

Applies for:

Cloud Service Provider
Vault
Source Manager
CI/CD
Password Manager
EDR
Data
Network
PaaS
Collaboration
Project Management
Log Analytics
IDP
CRM
MDM
IM
Ticketing
Automation
HRIS
SIEM