rcanzanese
Netskope

In our latest blog, we explore IAM best practices on AWS and highlight two findings:

  1. The majority of organizations don't enforce access key rotation for their IAM users.
  2. The majority of organizations aren't deleting inactive IAM accounts.

We found access keys that were nearly a decade old and many IAM accounts that hadn't been used in over a year, exposing a lot of risk surface that can likely be locked down. How can you identify these old access keys and inactive IAM accounts? We have two Security Assessment rules that can help:

Remove/disable inactive user accounts within 90 days

rcanzanese_0-1620394398970.png

Remote access: Ensure access keys unused for 90 days or greater are disabled

rcanzanese_1-1620394491833.png

Once the rules have run, you will see the results in your compliance report.

rcanzanese_2-1620394781174.png

Oops, I have a couple of users in this AWS account that require some cleanup! I'll just follow the remediation guidance to ensure those two rules are marked green next time around.

rcanzanese_3-1620395048876.png