How to Find Inactive Users
Oort’s Head of Solutions Engineering, Andy Winiarski, takes you on a quick video tour of Oort’s exclusive Identity Security Checks.
In this quick video, we’ll explore the check for Inactive Users.
Inactive Users Are Risky
Whether internal or external, third-party or organization-employed, inactive users pose a serious threat to organizations. Why? Because identities that are critical to your organization rarely sit unused or inactive for more than 30 days. If they’re not being used, there’s a good chance they’ve been forgotten or lost. Moreover, inactive identities are hard to discover, and when they start to pile up, they aggregate risk to your organization and provide unnecessary attack surface that is ripe for account takeover and subsequent abuse.
Let’s hear Andy explain how inactive users are a problem for every enterprise:
How to Clean Up Inactive Users In Your IdP
With Oort, cleaning up inactive users and reducing your identity attack surface is easy is easy and fast.
1. Navigate to “Checks”
2. Click on “Inactive Users” from the list, then click “Failing Users”
2. Click on any user in the list
4. Click their “Checks” tab
5. Click on “Inactive Users” from their list of failed checks
6. Click the ‘…’ and select your remediation action
That’s it!
Respond to Identity Threats with Oort
Oort offers many ways to respond to identity threats such as inactive users including emailing the impacted user or their manager, sending them a message in Slack or Microsoft Teams, or even opening a ticket in ServiceNow to have the account deprovisioned or deactivated. For a full list of actions and workflow tools that are available, check out the Oort Integrations page.