Question
Ghost accounts are those accounts which are not closed when workers leave. These can include access to mainframes, databases, file servers, intranets and e-mail. There
are also remote access holes with VPN passwords and dial-in accounts. All of these open “back doors” into a network.
Answer
The actions required to remove ghost accounts depend upon the authentication method being used by GMS.
- Gordano User Database
Gordano’s software will allow access to the account until the account is disabled. In version 7, this can be done by creating a profile for “disabled accounts” and applying this to accounts as people leave. - External database – e.g. LDAP, SQL, NT SAM, Active Directory, etc.
As soon as the account is disabled in the external database, the user will no longer be able to log onto their account. EMail for that account will still be delivered as usual until the account is explicitly deleted from Gordanno’s software.
Reports in version 7 will show you when accounts were last accessed. There are also options to purge accounts based on when they were last accessed and when they were created. These can be found Users > Delete Users option.
An option is also provided to purge all email from the system that is older than a given number of days. This option can be found in Domains > Purge EMail.
Keywords:purge ghost maintenance leave left security delete