Organization Should Have Fewer Than Three Owners
policy name: organization_has_too_many_admins
Organization owners are highly privileged, and a compromised owner account could do great damage. It is recommended to limit the number of organization owners to the minimum needed (recommended maximum 3 owners).
- An organization has a permissive attitude and grants the owner role to all developers.
- One of the developers decides to collaborate with a ransomware gang and uses those high privileges to add a malicious external collaborator as an owner.
- The malicious collaborator, being an owner, has a wide range of destructive operations available (e.g. removing security settings).
- Make sure you have admin permissions.
- Go to the organization's People page.
- Select the unwanted owners.
- Using the “X members selected” menu, change their role to member.
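The following is an added example (not Legitify's own code) of how the owner count behind this policy can be evaluated programmatically. It reads the JSON shape returned by GitHub's REST endpoint `GET /orgs/{org}/members?role=admin` and flags the organization when the number of owners exceeds the recommended maximum of 3. The sample response, the logins in it, and the helper names (`evaluate_policy`, `fetch_admins`) are this example's own assumptions; the sample is constructed so the check runs offline.

```python
"""Evaluate the organization_has_too_many_admins policy against GitHub API data.

Added example, not Legitify's own implementation. Works on the JSON shape of
GET /orgs/{org}/members?role=admin, using a constructed sample so it runs offline.
"""
import json
import urllib.request

# Policy threshold from the page: recommended maximum of 3 owners.
MAX_OWNERS = 3

# Constructed sample: the relevant fields of a members?role=admin response for a
# hypothetical organization (logins are made up). Four owners -> policy violated.
SAMPLE_ADMINS_JSON = json.dumps([
    {"login": "alice", "id": 1, "type": "User", "site_admin": False},
    {"login": "bob",   "id": 2, "type": "User", "site_admin": False},
    {"login": "carol", "id": 3, "type": "User", "site_admin": False},
    {"login": "dave",  "id": 4, "type": "User", "site_admin": False},
])


def owner_logins(admins_json: str) -> list:
    """Return the sorted owner logins from a members?role=admin response body."""
    return sorted(member["login"] for member in json.loads(admins_json))


def evaluate_policy(admins_json: str, max_owners: int = MAX_OWNERS) -> dict:
    """Evaluate the policy: violated when the owner count exceeds max_owners."""
    owners = owner_logins(admins_json)
    return {
        "policy": "organization_has_too_many_admins",
        "owner_count": len(owners),
        "owners": owners,
        "violated": len(owners) > max_owners,
    }


def fetch_admins(org: str, token: str) -> str:
    """Fetch the owners of a real organization (network call; not run in this example).

    Requires a token with read:org scope. per_page=100 covers most organizations;
    larger ones need pagination via the Link response header.
    """
    req = urllib.request.Request(
        f"https://api.github.com/orgs/{org}/members?role=admin&per_page=100",
        headers={
            "Authorization": f"Bearer {token}",
            "Accept": "application/vnd.github+json",
        },
    )
    with urllib.request.urlopen(req) as resp:
        return resp.read().decode()


if __name__ == "__main__":
    # Offline run against the constructed sample; swap in fetch_admins(org, token)
    # to evaluate a real organization.
    print(json.dumps(evaluate_policy(SAMPLE_ADMINS_JSON), indent=2))
```

Running the check periodically (for example from CI or a scheduled job) and alerting on `violated: true` turns the remediation steps above into a continuous control rather than a one-time clean-up.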