When talent take leave for more than three days, go on vacation, or leave the company, it is essential to revoke their access to the information and systems that are available to them. In the first two cases, access is enabled upon their return to work. At Fluid Attacks, we have a three-step process for access revocation:
Deactivating the IAM account: By doing this, users lose access to all company applications and client data. This includes platform, mail, etc.
Removing Git repository access: Users can no longer see confidential information from the repository, such as registry images, private issues, merge requests, etc.
Locking laptop access: Laptop access is blocked.
It is worth noting that easy access revocation is fundamental when dealing with sensitive data in an organization. That is why we have put so much effort into making this process as simple as possible.
This process must be completed in a 24-hour period.