メインコンテンツへスキップ

Plan privileged accounts lifecycle (JML)

Implementation Effort: High – IT, security, and HR teams must work together to define, implement, and potentially automate processes that manage the lifecycle of privileged accounts.

User Impact: Low – End users are unaffected, though administrators may notice changes in how their elevated access is granted, reviewed, or revoked.

Overview

Privileged accounts require a well-defined Joiner-Mover-Leaver (JML) lifecycle to ensure access stays appropriate as people join, change roles, or leave the organization. Unlike standard user accounts, privileged accounts are often linked to sensitive roles and administrative responsibilities. When a new administrator joins, a cloud-only privileged account should be created with only the roles necessary for their job. If their responsibilities change, that access should be reviewed and adjusted. And when they leave, privileged access must be removed promptly to prevent security gaps. These actions help enforce the Zero Trust principle of “Use least privilege access,” ensuring accounts only hold the minimum rights required. It also aligns with “Assume breach” by closing pathways that could be exploited if an account remains active after it’s no longer needed.

Job changes present a strong opportunity to re-evaluate whether privileged access is still justified. Automating this process through lifecycle workflows reduces risk and ensures consistent enforcement. Without a JML process for privileged identities, organizations face the risk of over-privileged, orphaned, or stale admin accounts that can be exploited by threat actors or abused internally.

Reference