{"id":1405,"date":"2023-12-07T10:54:06","date_gmt":"2023-12-07T09:54:06","guid":{"rendered":"https:\/\/memority.p2.pp-izhak.fr\/2023\/12\/07\/compte-orphelin-lelement-facilitateur-des-cyberattaques\/"},"modified":"2024-07-07T23:44:49","modified_gmt":"2024-07-07T21:44:49","slug":"orphan-accounts-the-key-to-cyberattacks","status":"publish","type":"post","link":"https:\/\/memority.p2.pp-izhak.fr\/en\/orphan-accounts-the-key-to-cyberattacks\/","title":{"rendered":"Orphan accounts, the key to cyberattacks\u2026"},"content":{"rendered":"

In 2021, a company managing the largest fuel pipeline in the United States suffered an attack that resulted in a severe gasoline shortage.\u00a0The attack targeted an inactive account with a weak means of authentication not used by the company, which had neither deactivated nor deleted it. This type of account is known as an orphan account.<\/strong><\/p>\n

This example from the fuel giant shows that a single orphan account can have serious economic and reputational consequences!<\/p>\n

There are many situations that can lead to the appearance of orphan accounts in a company\u2019s information system.\u00a0We\u2019ll be covering them in the various episodes of this serie of articles dedicated to orphan accounts.<\/strong><\/p>\n

\u00c9pisode 1 : orphan accounts, what\u2019s that all about?<\/strong><\/h4>\n

Orphan accounts are not\/no longer attached to a physical user. This may be a user who leaves a company or moves up the hierarchy, but whose rights have not been deactivated or removed. It can also be an account created locally in an application, whether privileged or generic, but not attached to an identity.<\/p>\n

Orphan accounts, and more generally poor identity lifecycle management, represent an increased risk of unauthorized access to sensitive data\u2026<\/p>\n

Identifying orphan accounts is therefore essential in IAM. Detecting them and proactively deactivating\/deleting them helps protect against malicious access to a company\u2019s IS.<\/strong><\/p>\n

Memority or the importance of identity lifecycle management<\/strong><\/h4>\n

Memority manages the entire identity lifecycle:<\/strong>\u00a0from onboarding (when a user joins the company) and assigning the right roles and rights, to offboarding (when a user leaves the company) and deactivating and deleting all access rights.<\/p>\n

The diagram below shows the lifecycle in the \u201cMemority\u201d approach.<\/strong>\u00a0The identity is first created to enable support teams to prepare its equipment and potential accesses. At the start of his employment contract, the identity is activated, and his life in the company begins. Over time, the account can be updated, suspended or deactivated. Once the end of the contract has passed, the identity is deleted, access is cut off and authentication is no longer possible.<\/p>\n

\"\"<\/p>\n

Controls are performed at account creation to prevent duplication of identities. Transfers from one entity\/BU to another are also managed to control which rights\/accesses should be assigned to the identity and which should be withdrawn. Finally, deactivation can be programmed, with a start date set at creation, or carried out manually, with immediate suspension of identity access.<\/p>\n

Memority enables information to be cross-referenced with HR sources, indicating active employees and their arrival and departure dates, and IT sources, the active directory, integrating users, their accounts and their accesses.\u00a0End-to-end lifecycle management ensures that a user\u2019s departure does not result in the survival of compromising access.\u00a0<\/strong>Once the identity has left, its accesses are automatically deactivated and then deleted following a grace period defined upstream.<\/p>\n

Whether it\u2019s a privileged account or a simple user, the policy remains the same for all, and particular attention is paid to their deletion on departure. It\u2019s essential to assign\u00a0the right rights<\/strong>\u00a0to\u00a0the right users<\/strong>\u00a0at\u00a0the right time<\/strong>, to guarantee the security of your information systems!<\/p>\n

<\/div>\n

-> To find out more about the benefits of the Memority platform:\u00a0click here<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

In 2021, a company managing the largest fuel pipeline in the United States suffered an attack that resulted in a severe gasoline shortage.\u00a0The attack targeted an inactive account with a weak means of authentication not used by the company, which had neither deactivated nor deleted it. This type of account is known as an orphan […]<\/p>\n","protected":false},"author":3,"featured_media":991,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[30,31,32,33],"class_list":["post-1405","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-non-classifiee","tag-cybersecurity-en","tag-iam-en","tag-idaas-en","tag-identityfactory-en"],"acf":[],"yoast_head":"\nOrphan accounts, the key to cyberattacks\u2026 - Memority<\/title>\n<meta name=\"description\" content=\"Comment g\u00e9rer et orchestrer les comptes orphelins de mani\u00e8re strat\u00e9gique et ma\u00eetris\u00e9e ?\" \/>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Orphan accounts, the key to cyberattacks\u2026 - Memority\" \/>\n<meta property=\"og:description\" content=\"Comment g\u00e9rer et orchestrer les comptes orphelins de mani\u00e8re strat\u00e9gique et ma\u00eetris\u00e9e ?\" \/>\n<meta property=\"og:url\" content=\"https:\/\/memority.p2.pp-izhak.fr\/compte-orphelin-lelement-facilitateur-des-cyberattaques\/\" \/>\n<meta property=\"og:site_name\" content=\"Memority\" \/>\n<meta property=\"article:published_time\" content=\"2023-12-07T09:54:06+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-07-07T21:44:49+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/memority.p2.pp-izhak.fr\/wp-content\/uploads\/2024\/06\/comptes-orphelins.png\" \/>\n\t<meta property=\"og:image:width\" content=\"329\" \/>\n\t<meta property=\"og:image:height\" content=\"206\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Izhak-contenu\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Izhak-contenu\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/memority.p2.pp-izhak.fr\/compte-orphelin-lelement-facilitateur-des-cyberattaques\/\",\"url\":\"https:\/\/memority.p2.pp-izhak.fr\/compte-orphelin-lelement-facilitateur-des-cyberattaques\/\",\"name\":\"Orphan accounts, the key to cyberattacks\u2026 - Memority\",\"isPartOf\":{\"@id\":\"https:\/\/memority.p2.pp-izhak.fr\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/memority.p2.pp-izhak.fr\/compte-orphelin-lelement-facilitateur-des-cyberattaques\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/memority.p2.pp-izhak.fr\/compte-orphelin-lelement-facilitateur-des-cyberattaques\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/memority.p2.pp-izhak.fr\/wp-content\/uploads\/2024\/06\/comptes-orphelins.png\",\"datePublished\":\"2023-12-07T09:54:06+00:00\",\"dateModified\":\"2024-07-07T21:44:49+00:00\",\"author\":{\"@id\":\"https:\/\/memority.p2.pp-izhak.fr\/#\/schema\/person\/c6ac154af9e29cdadf1380102b48a162\"},\"description\":\"Comment g\u00e9rer et orchestrer les comptes orphelins de mani\u00e8re strat\u00e9gique et ma\u00eetris\u00e9e ?\",\"breadcrumb\":{\"@id\":\"https:\/\/memority.p2.pp-izhak.fr\/compte-orphelin-lelement-facilitateur-des-cyberattaques\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/memority.p2.pp-izhak.fr\/compte-orphelin-lelement-facilitateur-des-cyberattaques\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/memority.p2.pp-izhak.fr\/compte-orphelin-lelement-facilitateur-des-cyberattaques\/#primaryimage\",\"url\":\"https:\/\/memority.p2.pp-izhak.fr\/wp-content\/uploads\/2024\/06\/comptes-orphelins.png\",\"contentUrl\":\"https:\/\/memority.p2.pp-izhak.fr\/wp-content\/uploads\/2024\/06\/comptes-orphelins.png\",\"width\":329,\"height\":206},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/memority.p2.pp-izhak.fr\/compte-orphelin-lelement-facilitateur-des-cyberattaques\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/memority.p2.pp-izhak.fr\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Orphan accounts, the key to cyberattacks\u2026\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/memority.p2.pp-izhak.fr\/#website\",\"url\":\"https:\/\/memority.p2.pp-izhak.fr\/\",\"name\":\"Memority\",\"description\":\"L'IDaaS europ\u00e9enau service des enjeux business\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/memority.p2.pp-izhak.fr\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/memority.p2.pp-izhak.fr\/#\/schema\/person\/c6ac154af9e29cdadf1380102b48a162\",\"name\":\"Izhak-contenu\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/memority.p2.pp-izhak.fr\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/60656c8b16f6a95bfb54034344a959d53d08b47923ca24bc24069dc93f6c7bf1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/60656c8b16f6a95bfb54034344a959d53d08b47923ca24bc24069dc93f6c7bf1?s=96&d=mm&r=g\",\"caption\":\"Izhak-contenu\"},\"url\":\"https:\/\/memority.p2.pp-izhak.fr\/en\/author\/izhak-contenu\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Orphan accounts, the key to cyberattacks\u2026 - Memority","description":"Comment g\u00e9rer et orchestrer les comptes orphelins de mani\u00e8re strat\u00e9gique et ma\u00eetris\u00e9e ?","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"Orphan accounts, the key to cyberattacks\u2026 - Memority","og_description":"Comment g\u00e9rer et orchestrer les comptes orphelins de mani\u00e8re strat\u00e9gique et ma\u00eetris\u00e9e ?","og_url":"https:\/\/memority.p2.pp-izhak.fr\/compte-orphelin-lelement-facilitateur-des-cyberattaques\/","og_site_name":"Memority","article_published_time":"2023-12-07T09:54:06+00:00","article_modified_time":"2024-07-07T21:44:49+00:00","og_image":[{"width":329,"height":206,"url":"https:\/\/memority.p2.pp-izhak.fr\/wp-content\/uploads\/2024\/06\/comptes-orphelins.png","type":"image\/png"}],"author":"Izhak-contenu","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Izhak-contenu","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/memority.p2.pp-izhak.fr\/compte-orphelin-lelement-facilitateur-des-cyberattaques\/","url":"https:\/\/memority.p2.pp-izhak.fr\/compte-orphelin-lelement-facilitateur-des-cyberattaques\/","name":"Orphan accounts, the key to cyberattacks\u2026 - Memority","isPartOf":{"@id":"https:\/\/memority.p2.pp-izhak.fr\/#website"},"primaryImageOfPage":{"@id":"https:\/\/memority.p2.pp-izhak.fr\/compte-orphelin-lelement-facilitateur-des-cyberattaques\/#primaryimage"},"image":{"@id":"https:\/\/memority.p2.pp-izhak.fr\/compte-orphelin-lelement-facilitateur-des-cyberattaques\/#primaryimage"},"thumbnailUrl":"https:\/\/memority.p2.pp-izhak.fr\/wp-content\/uploads\/2024\/06\/comptes-orphelins.png","datePublished":"2023-12-07T09:54:06+00:00","dateModified":"2024-07-07T21:44:49+00:00","author":{"@id":"https:\/\/memority.p2.pp-izhak.fr\/#\/schema\/person\/c6ac154af9e29cdadf1380102b48a162"},"description":"Comment g\u00e9rer et orchestrer les comptes orphelins de mani\u00e8re strat\u00e9gique et ma\u00eetris\u00e9e ?","breadcrumb":{"@id":"https:\/\/memority.p2.pp-izhak.fr\/compte-orphelin-lelement-facilitateur-des-cyberattaques\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/memority.p2.pp-izhak.fr\/compte-orphelin-lelement-facilitateur-des-cyberattaques\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/memority.p2.pp-izhak.fr\/compte-orphelin-lelement-facilitateur-des-cyberattaques\/#primaryimage","url":"https:\/\/memority.p2.pp-izhak.fr\/wp-content\/uploads\/2024\/06\/comptes-orphelins.png","contentUrl":"https:\/\/memority.p2.pp-izhak.fr\/wp-content\/uploads\/2024\/06\/comptes-orphelins.png","width":329,"height":206},{"@type":"BreadcrumbList","@id":"https:\/\/memority.p2.pp-izhak.fr\/compte-orphelin-lelement-facilitateur-des-cyberattaques\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/memority.p2.pp-izhak.fr\/en\/"},{"@type":"ListItem","position":2,"name":"Orphan accounts, the key to cyberattacks\u2026"}]},{"@type":"WebSite","@id":"https:\/\/memority.p2.pp-izhak.fr\/#website","url":"https:\/\/memority.p2.pp-izhak.fr\/","name":"Memority","description":"L'IDaaS europ\u00e9enau service des enjeux business","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/memority.p2.pp-izhak.fr\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/memority.p2.pp-izhak.fr\/#\/schema\/person\/c6ac154af9e29cdadf1380102b48a162","name":"Izhak-contenu","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/memority.p2.pp-izhak.fr\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/60656c8b16f6a95bfb54034344a959d53d08b47923ca24bc24069dc93f6c7bf1?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/60656c8b16f6a95bfb54034344a959d53d08b47923ca24bc24069dc93f6c7bf1?s=96&d=mm&r=g","caption":"Izhak-contenu"},"url":"https:\/\/memority.p2.pp-izhak.fr\/en\/author\/izhak-contenu\/"}]}},"_links":{"self":[{"href":"https:\/\/memority.p2.pp-izhak.fr\/en\/wp-json\/wp\/v2\/posts\/1405","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/memority.p2.pp-izhak.fr\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/memority.p2.pp-izhak.fr\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/memority.p2.pp-izhak.fr\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/memority.p2.pp-izhak.fr\/en\/wp-json\/wp\/v2\/comments?post=1405"}],"version-history":[{"count":2,"href":"https:\/\/memority.p2.pp-izhak.fr\/en\/wp-json\/wp\/v2\/posts\/1405\/revisions"}],"predecessor-version":[{"id":1409,"href":"https:\/\/memority.p2.pp-izhak.fr\/en\/wp-json\/wp\/v2\/posts\/1405\/revisions\/1409"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/memority.p2.pp-izhak.fr\/en\/wp-json\/wp\/v2\/media\/991"}],"wp:attachment":[{"href":"https:\/\/memority.p2.pp-izhak.fr\/en\/wp-json\/wp\/v2\/media?parent=1405"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/memority.p2.pp-izhak.fr\/en\/wp-json\/wp\/v2\/categories?post=1405"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/memority.p2.pp-izhak.fr\/en\/wp-json\/wp\/v2\/tags?post=1405"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}