Application Launcher

Security is important for every website. When employees leave a project or company for whatever reason, you must review their security access to prevent potential future tampering or the loss of important data. Failure to secure your after an employee departure can result in issues like the following:

Security is important for every website. When employees leave a project or company for whatever reason, you must review their security access to prevent potential future tampering or the loss of important data. Failure to secure your subscription (glossary term, activate to view definition) after an employee departure can result in issues like the following:

Incorrect credit card charges
Failure to receive Cloud Platform notifications
Account and application security breaches

Remove the employee from your Acquia Teams
The subscription administrator (glossary term, activate to view definition) should remove the employee from all teams. If the administrator is the departing employee, the departing employee can designate a new organization owner. If this isn’t possible, create a Support ticket and copy the previous owner (glossary term, activate to view definition) on the ticket for an easier transition, if possible. If the previous owner is unavailable, see Transferring ownership from an unavailable owner.
Remove any employee-specific entries from your Users and Keys page
1. Sign in to the Cloud Platform user interface and navigate to your environment (glossary term, activate to view definition) in an application.
Remove the employee from any elevated roles on your websites
Check any single sign-on solutions your organization (glossary term, activate to view definition) uses.
Remove the employee’s entries from the Teams and Permissions pages
For information about how to do this, see Transferring ownership of an organization. For information about completely deleting a user account from Cloud Platform, see GDPR Data Subject Rights requests.
Update credentials in Pipelines
Pipelines performs jobs with the credentials of the user who first performs a Pipelines job for that subscription. If the departing employee provided the credentials for your subscription, your Pipelines jobs may fail.

Change any administrative passwords to which the employee had access
Affected passwords can include the website itself, shell accounts, and phpMyAdmin.
Review the Drupal roles and permissions
Edit the employee’s account in your Drupal website, and change their access to a lower permission level, or set it to blocked.
Important
Acquia does not recommend deleting accounts as that can lead to data loss in Drupal.
Review recent code changes
If the parting is less than amicable, a departing individual may commit code allowing continued access to the website through a back door.
Revoke access to servers and version control systems
Review IP allowlists on firewalls and Apache (or your) .htaccess files
Change the salt for your encryption
For more information about encryption salting, see this Wikipedia article.

Remove the employee from your Acquia Teams
The subscription administrator (glossary term, activate to view definition) should remove the employee from all teams. If the administrator is the departing employee, the departing employee can designate a new organization owner. If this isn’t possible, create a Support ticket and copy the previous owner (glossary term, activate to view definition) on the ticket for an easier transition, if possible. If the previous owner is unavailable, see Transferring ownership from an unavailable owner.
Remove any employee-specific entries from your Users and Keys page
1. Sign in to the Cloud Platform user interface and navigate to your environment (glossary term, activate to view definition) in an application.
Remove the employee from any elevated roles on your websites
Check any single sign-on solutions your organization (glossary term, activate to view definition) uses.
Remove the employee’s entries from the Teams and Permissions pages
For information about how to do this, see Transferring ownership of an organization. For information about completely deleting a user account from Cloud Platform, see GDPR Data Subject Rights requests.
Update credentials in Pipelines
Pipelines performs jobs with the credentials of the user who first performs a Pipelines job for that subscription. If the departing employee provided the credentials for your subscription, your Pipelines jobs may fail.

Change any administrative passwords to which the employee had access
Affected passwords can include the website itself, shell accounts, and phpMyAdmin.
Review the Drupal roles and permissions
Edit the employee’s account in your Drupal website, and change their access to a lower permission level, or set it to blocked.
Important
Acquia does not recommend deleting accounts as that can lead to data loss in Drupal.
Review recent code changes
If the parting is less than amicable, a departing individual may commit code allowing continued access to the website through a back door.
Revoke access to servers and version control systems
Review IP allowlists on firewalls and Apache (or your) .htaccess files
Change the salt for your encryption
For more information about encryption salting, see this Wikipedia article.

Cloud Platform security steps

Drupal security

Did not find what you were looking for?

Cloud Platform security steps

Drupal security

Did not find what you were looking for?

Best practices for team (glossary term, activate to view definition) member departures

Best practices for team (glossary term, activate to view definition) member departures

Best practices for team (glossary term, activate to view definition) member departures

Cloud Platform security steps

Drupal security

Did not find what you were looking for?

Cloud Platform security steps

Drupal security

Did not find what you were looking for?