How many days until you disable inactive user accounts?  How many days until you delete inactive user accounts?

2.3k viewscircle icon3 Comments
Sort by:
Director in Manufacturing2 years ago

If you are out on HR approved medical leave the account is locked as part of the process usually within a day. In Europe since many take 4+ weeks of vacation at once we allow 5 weeks. In the USA it’s 3 weeks. If the employee quits or is fired or laid off it’s disabled immediately.

Vice President Information Technology in Finance (non-banking)2 years ago

4 weeks

Chief Technology Officer in Media2 years ago

I define my own policies based on their security requirements, compliance regulations, and risk management practices. These policies often consider factors such as the nature of the organization's business, the sensitivity of the data accessed by the user accounts, and the overall security posture. 
The number of days before disabling or deleting inactive accounts can range from a few weeks to several months

Content you might like

CIO46%

CISO43%

Other C-suite individual (please specify)8%

Difficult to say.2%

View Results

Over reach by an aggressive prosecutor ?6%

UBERs prior CEO should be the one charged ?39%

This sort of payment/use of bug bounty happens routinely ?30%

CISOs/CSOs are now on notice for the actions they take ?16%

I am going to do a deep dive on my bug bounty program immediately ?2%

Most companies do some sort of breach coverup - especially when it comes to potential IP theft?4%

View Results