In defense of sloppy account management …
Sort of. Rather, deliberately sloppy account management.
Reading through this in particular, and that, I wondered: Would there not be a nice part of a solution in seeding your user accounts database(s) with fake accounts, to act as tripwires ..? They could be given no access to anything, or access only to honeypot-like info / environments. And then trigger the alarm when accessed – by intruders, or by own security staff or auditors when doing surveillance of controls functioning.
Somehow also, I have a gut feeling there’s some hidden secondary effects in this. Any of you who has given this some more thought already, and have info on this ..? Much appreciated.