On Fri, May 10, 2024, 11:37 Wetmore, Matthew (CTR) <Matthew.Wetmore@xxxxxxxxxxxxx> wrote:
Corporate env.
I’ve searched for an official BestPractice on user deletion (leave company), but can’t find anything that is official-ish.
Two options:
- Change user psswd to nonsense, then expire account.
- DROP user.
There are +/- to both.
I prefer #1, as it gives the exact timestamp of expire (protects company and ex-employee), but corporate auditors disagree.
What do you do? Any official guidance on this?
Use proper off-machine audit logs to make the auditors happy then drop stuff no longer has relevance.
David J.
