How to identify inactive and abandoned SaaS accounts with Nudge Security

With continuous monitoring of account status across your entire estate, Nudge Security makes it easy to find and prune inactive and abandoned SaaS accounts.

August 10, 2023

Do you ever feel like your colleagues suffer from “new shiny object” syndrome? One week, they’re spinning up a free trial of the latest generative AI tool, and then the next week, they’ve moved on to the next new, shiny object on Product Hunt.

Don’t get me wrong. Experimenting with new tools to solve problems faster and work more efficiently is great. But, what happens to all of those experimental cloud and SaaS accounts that get tossed by the wayside in that effort? Do users take the time to properly deprovision accounts, and are those steps verifiable? More importantly, what happens to all of the sensitive corporate data sitting in those accounts?

Continuous SaaS monitoring of users’ account statuses is extremely useful for SaaS data governance, reducing risk, curbing SaaS sprawl, and cutting wasted SaaS spending. Plus, organizations with compliance requirements are often obligated to act on inactivity: PCI DSS, for example, requires inactive user accounts to be removed or disabled within 90 days.

The challenge, of course, is keeping an accurate record of status across hundreds or thousands of cloud and SaaS accounts. If you also include the status of OAuth grants between applications, that number balloons past the point where a spreadsheet is feasible.

Fortunately, Nudge Security makes continuous SaaS monitoring not only possible, but simple and actionable. 

How Nudge Security can help

Nudge Security monitors cloud and SaaS account status across your entire estate, so you can easily find and prune inactive and abandoned SaaS accounts. There are multiple ways an account status gets updated in Nudge Security:

  • SaaS account login activity data from a connected SSO
  • Responses to ad hoc nudges asking account holders, “Are you still using this app?”
  • Responses to programmatic nudges sent on schedule or when running playbooks
  • Manual account status updates by application owners or account holders 

Nudge Security puts this data into some very good-looking charts, so you can monitor SaaS account activities right next to SaaS adoption trends. 

Check it out for yourself in our interactive demo. 

Connect to SSO to find inactive accounts automatically.

When you connect Nudge Security to an SSO provider like Okta, Nudge Security uses account login activity data from the SSO to update SaaS account statuses automatically. For example, if an account shows no login activity for the past 90 days, Nudge Security sets the account status to inactive. Conversely, if the SSO shows a login within the past 90 days, Nudge Security sets the account status to active. Nudge Security also shows you these status changes. Keep in mind that SSO login data only covers applications that are federated through the SSO provider; an account a user created directly with a username and password will not appear in it, which is one reason the other methods below exist.
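To make the 90-day rule concrete, here is an added example (not Nudge Security's code) that applies it to SSO login events. It assumes events in the shape of the Okta System Log (eventType, actor.alternateId, target[].displayName, outcome.result, published); the events and the list of user-to-app assignments are constructed sample data, and the reference date is fixed so the result is reproducible. It also handles two cases the rule leaves implicit: failed sign-ins do not count as activity, and an assigned account with no login event at all is treated as inactive rather than skipped.

```python
"""Classify SaaS accounts as active/inactive from SSO login events.

Added example, not Nudge Security's code. An account with a successful
SSO login in the last 90 days is active; otherwise it is inactive.
Event shape follows the Okta System Log; the data itself is constructed.
"""
from datetime import datetime, timedelta, timezone

INACTIVITY_DAYS = 90

# Fixed reference date so the classification below is reproducible.
AS_OF = datetime(2023, 8, 10, tzinfo=timezone.utc)

# Constructed sample: (user, app) assignments known to the SSO. bob/Notion
# is assigned but has never produced a successful login.
ASSIGNMENTS = [
    ("alice@example.com", "Slack"),
    ("alice@example.com", "Figma"),
    ("bob@example.com", "Slack"),
    ("bob@example.com", "Notion"),
]

# Constructed sample events in Okta System Log shape.
EVENTS = [
    {"eventType": "user.authentication.sso", "published": "2023-08-01T09:12:00.000Z",
     "actor": {"alternateId": "alice@example.com"},
     "target": [{"type": "AppInstance", "displayName": "Slack"}],
     "outcome": {"result": "SUCCESS"}},
    {"eventType": "user.authentication.sso", "published": "2023-03-15T16:40:00.000Z",
     "actor": {"alternateId": "alice@example.com"},
     "target": [{"type": "AppInstance", "displayName": "Figma"}],
     "outcome": {"result": "SUCCESS"}},
    {"eventType": "user.authentication.sso", "published": "2023-07-20T11:05:00.000Z",
     "actor": {"alternateId": "bob@example.com"},
     "target": [{"type": "AppInstance", "displayName": "Slack"}],
     "outcome": {"result": "SUCCESS"}},
    # Failed sign-in: must not count as activity.
    {"eventType": "user.authentication.sso", "published": "2023-08-05T08:00:00.000Z",
     "actor": {"alternateId": "bob@example.com"},
     "target": [{"type": "AppInstance", "displayName": "Notion"}],
     "outcome": {"result": "FAILURE"}},
    # Unrelated event type (a session start, not an app login): ignored.
    {"eventType": "user.session.start", "published": "2023-08-09T08:00:00.000Z",
     "actor": {"alternateId": "bob@example.com"},
     "target": [],
     "outcome": {"result": "SUCCESS"}},
]


def parse_ts(value: str) -> datetime:
    """Parse an ISO-8601 timestamp with a trailing Z into an aware datetime."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def last_successful_logins(events):
    """Return {(user, app): latest successful SSO login time}."""
    last = {}
    for ev in events:
        if ev.get("eventType") != "user.authentication.sso":
            continue
        if ev.get("outcome", {}).get("result") != "SUCCESS":
            continue
        user = ev["actor"]["alternateId"]
        ts = parse_ts(ev["published"])
        for tgt in ev.get("target", []):
            if tgt.get("type") != "AppInstance":
                continue
            key = (user, tgt["displayName"])
            if key not in last or ts > last[key]:
                last[key] = ts
    return last


def classify_accounts(assignments, events, as_of, inactivity_days=INACTIVITY_DAYS):
    """Return {(user, app): (status, last_login_or_None)}.

    status is "active" when a successful login falls within the window and
    "inactive" otherwise, including accounts with no login event at all.
    """
    cutoff = as_of - timedelta(days=inactivity_days)
    last = last_successful_logins(events)
    result = {}
    for key in assignments:
        seen = last.get(key)
        status = "active" if seen is not None and seen >= cutoff else "inactive"
        result[key] = (status, seen)
    return result


if __name__ == "__main__":
    rows = sorted(classify_accounts(ASSIGNMENTS, EVENTS, AS_OF).items())
    for (user, app), (status, seen) in rows:
        print(f"{user:20} {app:8} {status:8} last login: {seen.date() if seen else 'never'}")
```

Run against the sample data, alice/Slack and bob/Slack come out active, alice/Figma is inactive because its last login predates the cutoff, and bob/Notion is inactive with no recorded login since its only event was a failure. In practice you would feed the function the real assignment list and the exported System Log for the window, and review the inactive rows before removing anything.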

Nudge employees to ask if they’re still using a SaaS application. 

While account activity records can be a good indicator of whether or not your employees have accessed an account recently, you might need additional context to know if the account is truly no longer needed or has been abandoned or forgotten. The best way to get this context is to go directly to the source: your employees. 

Nudge Security makes it painless to get this info from employees. Simply push a button to nudge them through Slack or email. As people respond to nudges, their account statuses will update automatically. For example, if they respond, “Yes, I’m still using it,” the status will be set to active. If they respond that they’ve already deleted the account, the status will be set to deleted. Nudge histories and any response comments are stored in Nudge Security, giving you a historical record of need justification and the ability to review any commentary or questions sent in response. 

Run playbooks to capture account status changes programmatically.

Another way that Nudge Security tracks SaaS account status is through playbooks, the automated, purpose-built workflows in Nudge Security. Playbooks such as the SOC 2 access review playbook or the employee offboarding playbook include nudges that task application owners and technical contacts with removing accounts that are inactive or no longer needed. As people confirm task completion, the changes in account status are reflected in the application summary pages and recorded in an audit-ready playbook report.

Update SaaS account statuses manually.

In addition to the automated ways in which Nudge Security monitors SaaS account statuses, you have the option to update an account status manually, giving you a flexible single source of truth for your SaaS portfolio. 

It’s worth noting that Nudge Security allows administrators to extend platform access to all employees, giving them visibility and some responsibility over their individual SaaS footprints. I’ll admit, as an end user of Nudge Security at Nudge Security (we chug our own champagne here), I’ve even come across a few SaaS accounts I totally forgot signing up for, deleted them and any data, and updated the status within Nudge Security. Like most employees, I have no interest in wasting company resources or increasing risk by keeping around SaaS tools I don’t need anymore.

Reduce risk and save money with Nudge Security.

You really can have your cake and eat it, too. With Nudge Security, you continuously monitor SaaS accounts to identify and remove inactive and abandoned accounts. In doing so, you can work toward shrinking your organization’s SaaS attack surface while also saving your organization from wasted investments. Nudge Security makes it simple, comprehensive and continuous.

Ready to obliterate inactive and abandoned SaaS accounts? Try it for yourself with our free 14-day trial.
