What this is a full audit tracking adn management. We deploy users in Office365/Azure identity management. If the user leaves the company, we disable their account. All of the other services that we have integrated into office 365 through Single Sign On (SSO) are automatically disabled. In IFS case we have to manually disable the account.
From an audit management, we have 100% control over our employee access to third party services. We had one guy that joined us form another company, and it took the old company 6 months to terminate there IFS account (took them that long before the IT staff realize that the user had left)
Under the new data breach laws, this is a data breach if the terminated user access the account and pulled information from it. under CCPA it is up to us to prove that a data breach did not occur. under CCPA, damages are assumed to happen. The organization has to prove that the did not happen. This is even more complicated since IFS does not support modern authentication (like MS or Google authenticator)
In our business if we are directed to terminate an employee, I want to make sure that the users are terminated with all service that we work with. Like wise if we run ngen security services on user accounts and process access for breaches, I need to have an audit trail and ability to manage account access based on security threat levels. This is reality today.
To product our business adn to remove personal liability form our founders, we need SSO integration for account management and adulting.