Single sign on, application risk

15 pts.
Tags:
Active Directory
Security
Company uses single sign on, which is kept up to date in terms of the access rights granted to general users. However, access rights to certain key applications is not. IT indicates this is not a risk. Except from a general tidiness perspective, is there a risk that a deactivated AD user's, who has access to the key application, could be used inappropriately by a general user?
0

Answer Wiki

Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

Discuss This Question: 3  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Kevin Beaver
    Sure, any type of system abuse is possible, often with limited accountability in the event something goes awry. There are a lot of moving parts at play in such a scenario including business workflows and politics. It might be good to get a third-party to come in and review this particular situation or, ideally, perform an overall information risk assessment.
    27,505 pointsBadges:
    report
  • AndreaF
    A deactivated user id should not be a threat - if a former user is unable to log onto your system, there should be no access available to your key application....unless this application is accessible to the general public outside of your network.
    11,330 pointsBadges:
    report
  • Inachisio

    Thanks Andrea & Kevin.

    It is not available to the general public.

    It is an in-house developed system. I just mention this as it is there are some super user access that we need to tighten.

    With the general users though, my limited understanding of single sign on, is that they wouldn't be able to log on as another user - as the AD prevents this, unless there is some sort of back door built into the system? So am I correct in saying this is where a review/ third party review would have to focus.


    Thanks for assisting.



    15 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.

Following

Share this item with your network: