Lack of controls related to granting access to secured servers can leave an organization or business vulnerable to sabotage. For example, gaps in server access authorization processes can permit undesirable access to secured servers. For instance, password files for those having access to secured servers may include people that either no longer work for a company or have moved on to other assignments that do not require access to the secured servers. Also, company authorization processes may permit any employee to call technical services and request access to secured servers without an approval process to verify whether a request is valid.
Additionally, some companies do not have a formal procedure for tracking and removing user accounts from secured servers once a user no longer needs access. Thus, a disgruntled employee who has left a company may still retain access to secured servers and potentially create havoc. For instance, when the servers are secured billing servers, depending on the disgruntled employee's access rights, he or she could delete service, create errors, and/or delete records to cause the billing system to lose records of services to be billed and thus lose revenue. Still further, proprietary and/or private information stored on the secured servers, such as customer specific information, could be open for undesirable use.
Accordingly there is an unaddressed need in the industry to address the aforementioned deficiencies and inadequacies.