User Access Review Checklist & Report - Netspective & Vendor Company
Review Type: Monthly Reviewed by: Niba Zazar Review Date: 02 August 2023 Approved By: Rinshad K. Asharaf Approved Date: 04 August 2023
List of Servers which review conducted:
- docker.nyc2.netspective.com
- docker2.nyc2.netspective.com
- prime.dcp.infra.nyc2.medigy.com
- docker-cm.prd.nyc2.netspective.com
- ax101.hetzner01.netspective.com
- home.new.nyc2.netspective.com
List of Applications which review conducted:
- https://gl.infra.medigy.com
- https://prime.idp.infra.medigy.com
- https://op.infra.medigy.com
- https://read.netspective.com
- https://ffcrm.bzo.medigy.com
- https://apm.infra.medigy.com
- https://synapse.matrix.infra.medigy.com
- https://ml.infra.medigy.com
- https://ffc.infra.medigy.com
- https://PostgreSQL database service
- https://openldap
- https://timescale/promscale
- https://Medigy VPN service
- https://nautobot.infra.medigy.com
| # | Checklist | Status (Yes/No) | Comment |
|---|---|---|---|
| 1 | Check and ensure the permission of Ex-Employees have been revoked | yes | Confirmed Ex-Employees user shell is disabled |
| 2 | Check and Ensure Shadow Admin account have been revoked | yes | Checked the shadow file status |
| 3 | Check and ensure the employees don’t have access permission from their previous positions | yes | Confirmed the current accessibility. |
| 4 | Check and ensure the employees have the least privileges possible | yes | Confirmed the required employee’s user permissions are least as possible |
| 5 | Check and make sure permanent access is only given when it is necessary with proper approval | yes | Checked |
Review Type: Monthly Reviewed by: Niba Zazar Review Date: 02 April 2023 Approved By: Rinshad K. Asharaf Approved Date: 05 April 2023
List of Servers which review conducted:
- docker.nyc2.netspective.com
- docker2.nyc2.netspective.com
- prime.dcp.infra.nyc2.medigy.com
- docker-cm.prd.nyc2.netspective.com
- ax101.hetzner01.netspective.com
- home.new.nyc2.netspective.com
List of Applications which review conducted:
- https://gl.infra.medigy.com
- https://prime.idp.infra.medigy.com
- https://op.infra.medigy.com
- https://read.netspective.com
- https://ffcrm.bzo.medigy.com
- https://apm.infra.medigy.com
- https://synapse.matrix.infra.medigy.com
- https://ml.infra.medigy.com
- https://ffc.infra.medigy.com
- https://PostgreSQL database service
- https://openldap
- https://timescale/promscale
- https://Medigy VPN service
- https://nautobot.infra.medigy.com
| # | Checklist | Status (Yes/No) | Comment |
|---|---|---|---|
| 1 | Check and ensure the permission of Ex-Employees have been revoked | yes | Confirmed Ex-Employees user shell is disabled |
| 2 | Check and Ensure Shadow Admin account have been revoked | yes | Checked the shadow file status |
| 3 | Check and ensure the employees don’t have access permission from their previous positions | yes | Confirmed the current accessibility. |
| 4 | Check and ensure the employees have the least privileges possible | yes | Confirmed the required employee’s user permissions are least as possible |
| 5 | Check and make sure permanent access is only given when it is necessary with proper approval | yes | Checked |
Review Type: Monthly Reviewed by: Niba Zazar Review Date: 06 January 2023 Approved By: Rinshad K. Asharaf Approved Date: 08 January 2023
List of Servers which review conducted:
- docker.nyc2.netspective.com
- docker2.nyc2.netspective.com
- prime.dcp.infra.nyc2.medigy.com
- docker-cm.prd.nyc2.netspective.com
- ax101.hetzner01.netspective.com
- home.new.nyc2.netspective.com
List of Applications which review conducted:
- https://gl.infra.medigy.com
- https://prime.idp.infra.medigy.com
- https://op.infra.medigy.com
- https://read.netspective.com
- https://ffcrm.bzo.medigy.com
- https://apm.infra.medigy.com
- https://synapse.matrix.infra.medigy.com
- https://ml.infra.medigy.com
- https://ffc.infra.medigy.com
- https://PostgreSQL database service
- https://openldap
- https://timescale/promscale
- https://Medigy VPN service
- https://nautobot.infra.medigy.com
| # | Checklist | Status (Yes/No) | Comment |
|---|---|---|---|
| 1 | Check and ensure the permission of Ex-Employees have been revoked | yes | Confirmed Ex-Employees user shell is disabled |
| 2 | Check and Ensure Shadow Admin account have been revoked | yes | Checked the shadow file status |
| 3 | Check and ensure the employees don’t have access permission from their previous positions | yes | Confirmed the current accessibility. |
| 4 | Check and ensure the employees have the least privileges possible | yes | Confirmed the required employee’s user permissions are least as possible |
| 5 | Check and make sure permanent access is only given when it is necessary with proper approval | yes | Checked |