Security Operations: Examining User Onboarding and Offboarding Flashcards
What is onboarding and offboarding?
Onboarding and offboarding
Onboarding is a systematic approach to welcoming new employees or users to an organization’s systems and services, enabling an easy transition and setting them up for successful integration and productivity.
Conversely, offboarding is a systematic approach to managing the departure of an employee or user from an organization’s systems and services in a secure and compliant manner. This includes account deactivation and data handling.
What is provisioning and deprovisioning?
Provisioning and deprovisioning
Account provisioning is a systematic process of creating and configuring user accounts in an organization’s systems and services. This helps ensure that new employees or users have the necessary access and resources to perform their roles effectively.
Conversely, account deprovisioning is a systematic process of disabling or removing user accounts, associated access rights, and privileges in an organization’s systems and services, thereby helping ensure the secure and efficient management of departing employees or users.
What is the onboarding process?
Steps might vary, but the following sections describe what an onboarding process might entail.
- Document identification
This refers to the user providing identifying information, which might include:
A driver’s license.
State-issued identification.
Government-issued identification.
Social Security number.
A utility bill that indicates proof of address.
Identity proofing refers to a user providing sufficient information to establish an identity, per the National Institute of Standards and Technology (NIST).
- Employee account provisioning
This refers to the process of creating accounts and generating access for the employee, and includes:
Generating an employee ID.
User account provisioning, including:
Username and password.
Role or group assignment.
Permissions assignment.
Policy assignment.
Device and application provisioning, including policy assignment.
- Maintenance and monitoring
This refers to the process of managing an employee’s accounts and access, and might include:
Password resets (including key backup & recovery).
Device lockout.
Permission management.
System activities.
Resource access activity.
Backups.
What process do you need for deprovisioning?
- Deprovisioning
This refers to the process of disabling or removing a user account, and might include:
Disabling the user account.
Device collection.
Key backup.
Data backup reassignment.
Deleting the account (tombstone for 30 days before deleting).
What are the implications of privilege and permissions assignment?
Implications of privilege and permissions assignment
A strong onboarding policy and a set of clearly defined procedures help ensure that users are granted a sufficient level of permissions or privileges appropriate to their job function. You should always implement the principle of least privilege, which defines this concept, to avoid compromise of, and unauthorized access to or modification of, organizational assets.