How many days until you disable inactive user accounts?  How many days until you delete inactive user accounts?

2.2k views5 Comments

Director of IT in Manufacturing, 5,001 - 10,000 employees
H+1 after user resign
Chief Technology Officer in Media, 2 - 10 employees
I define my own policies based on their security requirements, compliance regulations, and risk management practices. These policies often consider factors such as the nature of the organization's business, the sensitivity of the data accessed by the user accounts, and the overall security posture. 
The number of days before disabling or deleting inactive accounts can range from a few weeks to several months
CTO in Software, 11 - 50 employees
We wait four to six weeks before deactivating inactive user accounts to offer people who have been away from work for a short while a chance to renew their accounts. To assist safeguard the security of the company, we erase them completely after 180 days.
Vice President Information Technology in Finance (non-banking), 201 - 500 employees
4 weeks
Director in Manufacturing, 1,001 - 5,000 employees
If you are out on HR approved medical leave the account is locked as part of the process usually within a day. In Europe since many take 4+ weeks of vacation at once we allow 5 weeks. In the USA it’s 3 weeks. If the employee quits or is fired or laid off it’s disabled immediately.

Content you might like

Costs involved by this activity (external and internal)32%

Response time / waiting time / resolution time74%

Resolution quality55%


Knowledge / skills / know-how / expertise9%


2.1k views1 Upvote

We already have this15%

We are working on it63%

We are planning to15%

We don’t have any plans for this7%



CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
41.5k views131 Upvotes319 Comments