Want to keep your business safe from potential cyberattacks? Make sure you regularly review and remove inactive users in Microsoft 365 or Google Workspace.
In the digital age, we all rely heavily on cloud services such as Microsoft 365 and Google Workspace. Without these innovative and efficient tools, many organizations would grind to a halt and struggle to be productive. If the Ophtek office, for example, suddenly lost access to the cloud, we wouldn’t be able to bring you our weekly blog on cybersecurity. So, these platforms are crucial, but they also carry a certain level of risk.
Hackers often target inactive accounts because they’re less likely to be monitored, making them easier to compromise. Therefore, it makes sense to regularly review a list of inactive users within your organization. Not only does this reduce the attack surface, but it also protects your business from potential data breaches.
The Dangers of Dormant Cloud Accounts
A “tenant” in Microsoft 365 or Google Workspace describes your organization’s dedicated space in the cloud, where all your users, files, and applications are managed. Essentially, it’s the digital backbone for your business. Within this tenant, each user account has certain permissions like reading emails or being able to access certain shared folders. However, if an employee leaves your business or goes on long-term leave, this account doesn’t automatically disappear.
It would be fantastic, and save businesses a lot of trouble, if these accounts closed themselves automatically, but that’s not a luxury we have. Furthermore, these inactive accounts stand out as attractive targets to hackers. You may be wondering why and, luckily, Ophtek is here to fill in the gaps. Inactive accounts often have weak passwords, usually from a period when complex passwords weren’t mandatory. They may not have multi-factor authentication in place, a major security risk as detailed by Google. And ultimately, they’re less likely to trigger security alerts.
This is why hackers are highly interested in old, dormant accounts. In many cases, these accounts represent a straightforward way to breach your defenses. External threats aren’t the only concern, either; there are also internal risks. Permissions may still be active, allowing former employees to access confidential data without authorization. This could include stealing client information to benefit other organizations or harvesting data about employees. Consequently, auditing the status of accounts across your cloud services is crucial for security.
Reducing the Risk of Inactive Accounts
Ophtek understands the importance of monitoring user accounts, so we’re going to share a few recommendations with you to keep your IT systems secure.
To effectively review user accounts, you need to start by generating a list of all active and inactive users in your Microsoft 365 or Google Workspace tenant. If accounts haven’t been used in the past 90 to 180 days, check whether they are still required for ongoing projects. The best people to liaise with in these situations are team leaders. They will be able to verify if access is still required or if the accounts can be closed. It’s also important that you follow this up with announcements to all staff on the importance of strong, unique passwords and multi-factor authentication.
Establish this review process via a standard operating procedure and schedule it for every three months. Keeping on top of your inactive accounts will minimize your organization’s security risk and protect your data.
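The review described above can be scripted against a user export. The following is an added example, not Ophtek's own tooling: the CSV column names and sample rows are constructed assumptions, so map them to whatever your Microsoft 365 or Google Workspace export actually contains. It sorts accounts into the 90 and 180 day bands, flags missing multi-factor authentication, and groups the results by manager so each team leader receives one list to confirm.

```python
import csv
import io
from collections import defaultdict
from datetime import date

REVIEW_DAYS, STALE_DAYS = 90, 180  # the 90 to 180 day window from the text

# Constructed sample export; column names are assumptions, not a real admin-console schema.
SAMPLE_EXPORT = """email,last_sign_in,mfa_enabled,manager,created
alice@example.com,2024-05-28,true,dana@example.com,2021-03-01
bob@example.com,2024-01-15,false,dana@example.com,2019-07-12
carol@example.com,,false,erin@example.com,2023-02-20
frank@example.com,2023-09-30,true,erin@example.com,2018-11-05
grace@example.com,,true,erin@example.com,2024-05-20
"""

def classify(row, today):
    """Return (status, idle_days); status is 'active', 'review' or 'stale'."""
    # An account that has never signed in is aged from its creation date,
    # so a freshly provisioned user is not flagged on day one.
    last = row["last_sign_in"] or row["created"]
    idle = (today - date.fromisoformat(last)).days
    if idle >= STALE_DAYS:
        return "stale", idle
    if idle >= REVIEW_DAYS:
        return "review", idle
    return "active", idle

def build_review(export_text, today):
    """Group non-active accounts by manager so each team leader gets one list."""
    by_manager = defaultdict(list)
    for row in csv.DictReader(io.StringIO(export_text)):
        status, idle = classify(row, today)
        if status == "active":
            continue
        by_manager[row["manager"]].append({
            "email": row["email"], "status": status, "idle_days": idle,
            "never_signed_in": not row["last_sign_in"],
            "no_mfa": row["mfa_enabled"].lower() != "true",
        })
    # Within each list: accounts without MFA first, then longest idle.
    for items in by_manager.values():
        items.sort(key=lambda a: (not a["no_mfa"], -a["idle_days"]))
    return dict(by_manager)

if __name__ == "__main__":
    for manager, accounts in build_review(SAMPLE_EXPORT, date(2024, 6, 1)).items():
        print(manager, accounts)
```

Running it on a fixed schedule with the current date in place of the sample date fits the three-month review cycle.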
For more ways to secure and optimize your business technology, contact your local IT professionals.





