The termination gap can cause all kinds of trouble. That length of time between an employee leaving their role and their user access being de-provisioned is when dangerous activities can occur — including a malicious breach by that internal user — and the truth is organizations aren’t worrying enough about it.
What is the termination gap?
The termination gap is exactly what it sounds like: an insider threat caused by the gap of time between an employee’s termination (or a change in their job role and function), and a de-provisioning of their role-based access credentials to critical access points and assets. According to the Ponemon Institute 2020 Cost of Insider Threats: Global Study, there were 4,716 insider incidents recorded across the globe. In addition, criminal insiders made up 14% of insider breaches last year with a price tag of over $4 million—this caused by improper user access provisioning.
So paying attention to this gap and minimizing it as much as possible is crucial to mitigating insider threats and keeping critical access points safe.
Termination Gap v. Access Creep
No, the termination gap is not the same as access creep, though the consequences of both are similar. Both concepts involve a user having credentials to critical access points they shouldn’t have, and where there’s unnecessary access, there’s inherent risk. A disgruntled former (or soon to be former) employee could (just as an internal user with too much access) easily leak data, change assets, or otherwise cause harm to an organization’s operational technology with their access.
Internal Breaches Have External Consequences
This threat is ..
Support the originator by clicking the read the rest link below.
