Orphan Account

What Does Orphan Account Mean?

An orphan account is a corporate account that has permissions to access sensitive data or internal systems but does not belong to a specific legitimate user. These types of user accounts can be a significant liability to businesses.

Advertisements

Techopedia Explains Orphan Account

Experts point out that various types of orphan accounts include Active Directory and OpenLDAP accounts, but also more broadly characterize these accounts as accounts that are left behind by a transitioning party. The practice of identity access management has a lot to do with preventing the unauthorized use of orphan accounts.

Suppose someone in a high position or in a sensitive department leaves a company, and their account is not deactivated. This dormant account can be used as an orphan account if unauthorized third parties somehow get access. In a way, an orphan account is very similar to a stray house key that is left behind after a property has changed hands. That key can be used for unauthorized access – an orphan account in a corporate system can be used in much the same way.

Advertisements

Related Terms

Latest Cybersecurity Terms

Related Reading

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…