The Risks of Unused User Accounts | Titania

Unused user accounts can pose a serious threat to the health of your business.

When an employee leaves a company their user account should be disabled so that their access to company data and systems is revoked. However, this is not always easy to coordinate in larger enterprises. Network administration teams may not have implicit knowledge of the inner working of other departments, and may not receive prompt notification about a user’s change in status (they may have simply changed role).

If interdepartmental communication fails, the company could be left in a vulnerable position. A malicious ex-employee could cause reputational and business damage, leading to a loss of data, legal issues under the data protection act or sensitive business information being passed to a competitor.

The free Risk Assessment Tool produced by Titania helps to keep your PC secure by performing 21 baseline security checks; one of which is identifying unused user accounts on your local machine. This check is performed per the Cyber Essentials recommendation that user accounts are not inactive for a period of more than three months at a time.

Should the Risk Assessment Tool find any user accounts that fit this criterion it will list the User and their last login date along with their privileges, and expiry date for the account in a simple and easy to read report that provides advice as to how you can remove or disable the accounts.

Depending on the size of your network and internal procedures, it might be helpful to tailor your own criteria for checking if there are any user accounts enabled on your network. Titania has built a tool called Paws Studio that allows you to build your own checks that provide only the information you want. Try out a free trial of Paws Studio here.