The number of non-human workers is growing, particularly as global organizations increasingly prioritize cloud computing, DevOps, IoT devices, and other digital transformation initiatives. Yet, organizations frequently only apply access controls to humans (employees, contractors, etc.), despite the risks associated with cyberattacks and data breaches linked to non-human workers and their privileged access to sensitive information.
Further, when a human worker leaves an organization, the organization generally has set processes to revoke that employee’s access to systems and data, eliminating the risk that access to these systems and data remains available.
But what happens when a non-human worker is no longer needed? For many organizations, often that non-human worker’s access privileges remain intact. This presents opportunities for cybercriminals to exploit the orphaned accounts for unauthorized access and initiate cyberattacks.
Organizations must track and ..
Support the originator by clicking the read the rest link below.
