Security & DevSecOps Practical By Samson Tanimawo, PhD Published Nov 17, 2025 4 min read

Cloud Account Lockout Procedures

Compromised accounts. The lockout.

Immediate

Disable IAM users. Revoke active sessions.

Within minutes.

Snapshot for forensics. CloudTrail review.

Don't destroy evidence.

After investigation: rotate everything. Restore access only after sign-off.

Don't rush back.