Employee Management
Last Updated: Tuesday, 01 January 2017 02:43AM v091bh12
REOL Services has established, tested and proven procedures to mitigate internal risk.
- Isolated development, staging and production environments
- IAM users locked in IAM groups (with policy reviews)
- IAM Access credentials expiration
- MFA/2FA enforcement
- Authenticated VPN pass-through, no direct access
- Identity Federation
- Our credential management is decentralized
In a hypothetical event of employee dismissal or resignation a similar procedure is activated (details omitted):
- production and staging access revoked
- development access revoked, NFS flushed, shared user/home directory inaccessible
- Git, GitHUB credentials removed from organization, 2FA deactivated
- VPN credentials flushed from main cert
- Network access disabled (static IP reassigned to IoT)
- RADIUS WiFI access points cleared
- Propagation of SSH keys removal from BLESS (if applicable)
- SSO disabled for access to local domains (openResty+LUA nginx based, mysql backed central authority)
- Automated scrubbing to remove local user, web-server configurations, and services provisioned to the specific employee
Expected turn-around is under 20 minutes from start.