Skip to content

Former Employee Token Is Enabled

Description

Ex-employees cease to be trusted parties, and any lingering access to the organization signifies a potential security threat. To better protect your company, incorporate the removal of former employees' tokens into your off-boarding process.

Risk triggers

  • Identity deactivated in at-least one integration, but not deactivated in others.

  • SailPoint Entro was able to link tokens to the identity owner, across multiple accounts and integrations.

Mitigation

Ex-employee token should be revoked.

  • Deactivate Access Token.

  • There are instructions per integration in the platform to verify activity and revoke the tokens.

JSON Example

Risk JSON

// Some code

Linked Element (Vaulted Secret/NHI Token) JSON

// Some code