Skip to content

Former Employee Token

Eco-system support

  • AWS Secrets Manager

  • Azure Key Vault

  • GCP Secrets Manager

  • GitHub Action Secrets

Description

Ex-employees cease to be trusted parties, and any lingering access to the organization signifies a potential security threat. To better protect your company, incorporate the removal of former employees' tokens into your off-boarding process.

Risk triggers

  • Identity deactivated in at-least one integration, but not deactivated in others.

  • SailPoint Entro was able to link tokens to the identity owner, across multiple accounts and integrations.

Mitigation

Ex-employee token to be revoked

  • Deactivate Access Token

    • here are instructions per integration in the platform to verify activity and revoke the tokens