Stale Identity

Risk Category

Lifecycle Management

Risk Description

Stale NHIs increase security vulnerabilities. Discover strategies to identify, clean up, and manage stale identities to reduce exposure.

Why It’s a Risk

Stale identities are low-hanging fruit for attackers, as they are less likely to be monitored. If compromised, attackers can leverage these dormant identities to gain unauthorized access to sensitive systems, bypassing active security protocols.

Likelihood of Occurrence

HIGH

Medium to High, depending on how often identity reviews and cleanups are performed.

Impact Level

MODERATE

Medium, as stale identities can be exploited by attackers for unauthorized access.

Mitigation Strategy

Regularly audit and identify stale identities to revoke access or revalidate them. Implement policies for automatic expiration of inactive identities and ensure that access to stale identities is always validated by a Zero Trust framework before any action is taken.

Playbooks in Clutch

110

Applies for:

  • Cloud Service Provider

    AWSAzureGCP
  • Vault

    AWS Secrets ManagerGCP Secret ManagerHashicorp Vault
  • Source Manager

    BitbucketGithubGitlab
  • CI/CD

    CircleCIGithub ActionsJenkinsTeamcity
  • Password Manager

    1PasswordLastpass
  • EDR

    CrowdstrikeSentinelOneMicrosoft Defender
  • Data

    AWS RedShiftMongo DB AtlasMySQLPostgreSQLSnowflake
  • Network

    AkamaiCloudflare
  • PaaS

    AKSEKSGKEK8S
  • Collaboration

    Atlassian ConfluenceNotion
  • Project Management

    Atlassian Jira
  • Log Analytics

    DatadogElasticSplunk
  • IDP

    Google WorkspaceJumpCloudMicrosoft Entra IDOkta
  • CRM

    HubspotSalesforce
  • MDM

    IntuneJamf
  • IM

    Microsoft TeamsSnowflake
  • Ticketing

    ServiceNowZendesk
  • Automation

    TinesTorq
  • HRIS

    Bamboo HRHiBob
  • SIEM

    Exabeam (LogRhythm)Sumo Logic