GRC.System user from GRC plugins?

Chris Smith4 · ‎09-03-2020

Does anyone know the purpose of the GRC.System user account that is brought in when activating the GRC plugins?

I have a client who flagged this due to it containing the platform admin role (not just the scoped GRC admin role). I can't find details about what this service account does and why it needs full platform admin.

There is a similar VR.System user from the Vulnerability Response solution, but it only contains scoped admin rights.

Thank you!

Chris

Ashutosh Munot1 · ‎09-09-2020

Hi,

I would say this is a integration user and he cant login using the UI. So no risk.

But if you still want to disable this you can disable it by looking into all the scheduled jobs and schedule imports if this user is used or not.

Thanks,
Ashutosh

View solution in original post

Ashutosh Munot1 · ‎09-03-2020

HI,

This is an integration user, used for importing the libraries and it is OOB user.

@Eric Feron @Phil Swann @Jan Spurlin

Thanks,
Ashutosh

Phil Swann · ‎09-04-2020

Agreed, it also inherits the role: sn_grc.sn_grc_system_admin which provides far reaching permissions!

OOTB user account is ticked as integration user.

You could also use it for execution of scheduled jobs, indicators and PA jobs

Nothing in any DOCs about this. Pending further detail.

Chris Smith4 · ‎09-08-2020

Thanks Ashutosh and Phil - any idea what the impact would be if this system user was inactivated or if the platform admin role was removed? My client tracks the total number of platform admin accounts within their instances and would like to remove this one if there is no impact

Ashutosh Munot1 · ‎09-09-2020

Hi,

I would say this is a integration user and he cant login using the UI. So no risk.

But if you still want to disable this you can disable it by looking into all the scheduled jobs and schedule imports if this user is used or not.

Thanks,
Ashutosh