Re: Guidance on user deletion

Поиск
Список
Период
Сортировка
От David G. Johnston
Тема Re: Guidance on user deletion
Дата
Msg-id CAKFQuwaD09pSsUuuxt74UnS_a4hZozqC4JRAEf1Y-mAYY4n+fg@mail.gmail.com
обсуждение исходный текст
Ответ на Guidance on user deletion  ("Wetmore, Matthew (CTR)" <Matthew.Wetmore@evernorth.com>)
Список pgsql-admin
Дерево обсуждения
On Fri, May 10, 2024, 11:37 Wetmore, Matthew (CTR) <Matthew.Wetmore@evernorth.com> wrote:

Corporate env.

 

I’ve searched for an official BestPractice on user  deletion (leave company), but can’t find anything that is official-ish.

 

Two options:

 

  1. Change user psswd to nonsense, then expire account.
  2. DROP user.

 

There are +/- to both.

 

I prefer #1, as it gives the exact timestamp of expire (protects company and ex-employee), but corporate auditors disagree.

 

What do you do?  Any official guidance on this?

 


Use proper off-machine audit logs to make the auditors happy then drop stuff no longer has relevance.

David J.

В списке pgsql-admin по дате отправления: