Stale Identity
Risk Category
Lifecycle Management
Risk Description
Stale non-human identities (NHIs) increase security exposure. Discover strategies to identify, clean up, and manage stale identities to reduce that exposure.
Why It’s a Risk
Stale identities are low-hanging fruit for attackers because they are less likely to be monitored. If a dormant identity is compromised, attackers can leverage it to gain unauthorized access to sensitive systems, bypassing active security protocols.
Likelihood of Occurrence
High
Medium to High, depending on how often identity reviews and cleanups are performed.
Impact Level
Moderate
Medium, as stale identities can be exploited by attackers for unauthorized access.
Mitigation Strategy
Regularly audit for stale identities, then revoke their access or revalidate them. Implement policies for automatic expiration of inactive identities, and ensure that access to stale identities is always validated by a Zero Trust framework before any action is taken.
Playbooks in Clutch
110
Applies to:
Cloud Service Provider
Vault
Source Manager
CI/CD
Password Manager
EDR
Data
Network
PaaS
Collaboration
Project Management
Log Analytics
IDP
CRM
MDM
IM
Ticketing
Automation
HRIS
SIEM