It’s Time For An Admin User Audit


By: Drew McManus

In: Arts Admin, Security, Web Tech

Even in non-pandemic times, scheduling regular admin user audits is a good idea. What we’re talking about is going through all the online platforms your organization maintains and making sure the existing admin user accounts are for active employees. Any others should be removed.

When we talk about online platforms, these include, but are not limited to:

  1. Website
  2. CRM/ticketing platform
  3. Email marketing platform
  4. Social media accounts
  5. Transactional email providers
  6. Institutional email accounts (G Suites, MS Exchange, etc.)
  7. Software as a Service (SaaS) accounts (Zapier, Zoom, Slack, etc.)

In a nutshell, there’s a lot to keep track of.

The why end of things is probably self-evident in that providing former employees access to institutional data generates crazy risk.

Tips & Tricks

  1. To help make sure you catch every platform, check any password manager services. You’re not really looking for the password so much as the list of sites where passwords exist.
  2. Checking browser password records is a similarly effective trick.
  3. Make sure you don’t delete any employee email addresses until after you’ve modified ownership at online platforms. Doing so could inadvertently lock you out of an account and permanently lose access to data. Not good.
  4. When removing users, make sure you don’t inadvertently delete all content associated with their account. For example, in WordPress, you’ll want to reassign all content for an admin user being removed to an existing user.
Drew McManus
Drew McManus
In addition to my consulting business, I'm also the Principal of Venture Industries Online but don’t let that title fool you into thinking I'm just a tech geek. I bring 20+ years of global broad-based arts consulting experience to the table to help clients break the cycle of choosing one-size-fits-none solutions and instead, deliver options allowing them to get ahead of the tech curve instead of trying to catch up by going slower. With the vision of legacy support strategy and the delights of creative insights, my mission is to deliver a sophisticated next generation technology designed especially for the field of performing arts. The first step in that journey began in 2010 when The Venture Platform was released, a purpose-designed managed website development solution designed especially for arts organizations and artists. For fun, I write a daily blog about the orchestra business, provide a platform for arts insiders to speak their mind, lead a team of intrepid arts pros to hack the arts, lead an arts business incubator, and love a good coffee drink.
Author Archive

Leave a Comment