However, with that said, workers take maternity leave, projects get delayed due to budget constraints, employees...
come down with unexpected illnesses or need to care for loved ones, etc. No system can recognize these cases; only supervisors, and possibly HR. So, when it comes to people, make sure to consider the human issues, which are the domain of supervisors: They'll know whether an employee will return tomorrow, in a few days, or never.
In the worst-case scenario, such as you disable an account just in time to find out that the worker is returning the next day, and you need to re-enable it, experience says that re-enabling doesn't simply involve making a call, but rather following a process that could take hours or days. I'd suggest following your CIO's advice.
Dig Deeper on Privileged access management
Related Q&A from Randall Gamby
Learn how to create account lockout policies that detail how many unsuccessful login attempts are allowed before a password lockout in order to ... Continue Reading
When it comes to minimum password length, 14-character passwords are generally considered secure, but they may not be enough to keep your enterprise ... Continue Reading
Enterprise SSO products have matured over the years, so what's the state of eSSO today? Expert Randall Gamby discusses. Continue Reading