Identity About to Expire
Risk Category
Lifecycle Management
Risk Description
Expiring NHIs may cause major operational issues and security gaps. Learn how to manage them before serious problems arise.
Why It’s a Risk
If an identity unexpectedly expires, critical processes and services may experience unplanned downtime, leading to operational inefficiencies and potentially affecting revenue and service delivery. Additionally, expired identities may inadvertently continue to function if expiration controls are not properly enforced, increasing the risk of unauthorized access.
Likelihood of Occurrence
moderate
Medium, particularly for organizations that rely on manual tracking of credential expirations.
Impact Level
moderate
Medium, as expired identities can lead to unplanned downtime, disrupt operations, and pose security risks.
Mitigation Strategy
Proactively manage identity expiration through advanced lifecycle management mechanisms including alerts and a streamlined process for renewing or decommissioning identities before they expire. Ensure continuous validation of expiring identities consumers through a Zero Trust approach to avoid access to expired credentials who continue to function.
Playbooks in Clutch
110
Applies for:
Cloud Service Provider
Vault
Source Manager
CI/CD
Password Manager
EDR
Data
Network
PaaS
Collaboration
Project Management
Log Analytics
IDP
CRM
MDM
IM
Ticketing
Automation
HRIS
SIEM