SaaS Alerts has released a new account management functionality within its SaaS security monitoring tools.
The purpose of this feature is to assist Partners and their client organisations with the task of “cleaning up” inactive accounts.
What are inactive accounts?
Inactive accounts are user accounts that members of an organisation no longer require in order to gain access to its resources.
A key identifier for these stale accounts is that they have not signed into the environment for an extended period.
Guest User Accounts & Vulnerability
Many of these inactive accounts take the form of guest accounts, which are created for day-to-day file-sharing activities with individuals outside of the organisation.
One method of sharing data is to grant access to outside domains, which triggers the creation of a “guest account” to permit access to the shared resources. While this gives the organisation a quick and convenient way to share resources, it also leaves a security hole in the environment.
Vulnerable to security breaches
Within many organisations, these guest accounts are never reviewed to determine whether they should remain active and whether access to the sharing organisation’s tenant is still necessary after long periods of inactivity.
Inactive guest user accounts are vulnerable to security breaches because they allow unauthenticated network users to sign in as a Guest without a password.
Data exposure
These unauthorised users can access any resources that the Guest account can access.
This means that any shared folders with permissions that allow access to the Guest account also allow access to the Guest group and the Everyone group, which could lead to the exposure or corruption of the organisation’s data.
Former Team Members’ User Accounts
Organisations and their service providers may not always block access or remove accounts for team members who have separated from the client organisation.
Accounts left behind for former team members pose an obvious risk. They can be exploited either by the former team members themselves or by bad actors who take advantage of the fact that such accounts are no longer “seen” daily. As a result, nefarious activity may go undetected.
Best practices for stale user accounts
When an account is no longer required for resource access, yet remains an entry point to the Office 365 tenant, it can be considered “stale”. To protect the environment from data breaches, it is recommended to follow these guidelines:
- Remove stale accounts from the tenant to follow security best practices and maintain the smallest possible attack surface in the Office 365 environment.
- Set accounts to “block sign-in” if it is uncertain whether or not the account may be required in the future.
- Deploy SaaS Alerts’ new account management feature, which allows MSP Partners to quickly filter for any accounts (not only guest user accounts) that have been inactive for an extended period.
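The three guidelines above can also be carried out directly against the tenant. The script below is an added example, not part of SaaS Alerts’ feature or this article: it uses the Microsoft Graph PowerShell SDK to report accounts (optionally guests only) with no sign-in for a chosen number of days and, only when explicitly asked, sets them to “block sign-in” rather than deleting them. The 90-day threshold, the parameter names and the scopes requested are assumptions to tune per policy; note that reading a user’s signInActivity through Graph requires an Entra ID P1 or higher licence on the tenant.

```powershell
# Added example (not SaaS Alerts' tool): report stale accounts in an Office 365 /
# Entra ID tenant and optionally block their sign-in.
# Assumes the Microsoft.Graph PowerShell SDK is installed and the signed-in admin
# can read sign-in activity and update users. signInActivity needs an Entra ID P1+ licence.
param(
    [int]$InactiveDays = 90,   # assumed threshold; adjust to the organisation's policy
    [switch]$GuestsOnly,       # restrict the report to UserType = Guest
    [switch]$BlockSignIn       # without this switch the script only reports, it changes nothing
)

Connect-MgGraph -Scopes "User.Read.All", "AuditLog.Read.All", "User.ReadWrite.All"

$cutoff = (Get-Date).ToUniversalTime().AddDays(-$InactiveDays)

# Pull every user once with the properties needed to judge staleness.
$users = Get-MgUser -All -Property "Id,DisplayName,UserPrincipalName,UserType,AccountEnabled,CreatedDateTime,SignInActivity"

$stale = foreach ($u in $users) {
    if ($GuestsOnly -and $u.UserType -ne 'Guest') { continue }
    if (-not $u.AccountEnabled) { continue }   # already blocked; nothing more to do

    $last = $u.SignInActivity.LastSignInDateTime
    # Accounts that have never signed in carry no timestamp. Judge those by creation
    # date so a guest invited yesterday is not flagged as stale on day one.
    $reference = if ($last) { $last } else { $u.CreatedDateTime }

    if ($reference -and $reference -lt $cutoff) {
        [pscustomobject]@{
            UserPrincipalName = $u.UserPrincipalName
            UserType          = $u.UserType
            LastSignIn        = $last
            Created           = $u.CreatedDateTime
            Id                = $u.Id
        }
    }
}

# Report first; this is the list a Partner would review with the client.
$stale | Sort-Object LastSignIn | Format-Table UserPrincipalName, UserType, LastSignIn, Created -AutoSize

if ($BlockSignIn) {
    foreach ($s in $stale) {
        # Block sign-in (reversible) rather than delete, matching the guideline above
        # for accounts that might still be needed later.
        Update-MgUser -UserId $s.Id -AccountEnabled:$false
        Write-Host "Blocked sign-in for $($s.UserPrincipalName)"
    }
}
```

Run it without `-BlockSignIn` first to produce the review list; once the list has been confirmed, re-run with `-BlockSignIn` (and `-GuestsOnly` if only guest accounts are in scope). Accounts confirmed as no longer needed can then be removed from the tenant as a separate, deliberate step.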
P2 licencing
Microsoft itself acknowledges that good security hygiene includes removing stale accounts, whether guest users or former team members’ accounts that are no longer active, and provides additional admin tools when premium P2 licencing is in use with an Office 365 tenant.
Unfortunately, P2 licencing is not economically feasible for every customer organisation. SaaS Alerts hopes this new tool will help MSP Partners better serve the security needs of the many SMB customers they support.