GlassbreakGlassbreak

Answers

Plain-language answers to the questions teams ask about break-glass procedures, emergency access, and crisis response.

What are break-glass account best practices?Core break-glass account practices: limit who can trigger it, require quorum approval, time-box access, log everything, and drill it.2026-07-17How does DORA affect emergency access to ICT systems?DORA requires EU financial entities to have response and recovery procedures for ICT incidents, including how staff reach critical systems under stress.2026-07-17How should a team store 2FA recovery codes?Team 2FA recovery codes belong in encrypted, access-controlled storage separate from the account they unlock — never a spreadsheet or chat message.2026-07-17How do you remove key-person risk from credentials?Remove key-person risk from credentials by replacing single-owner access with quorum-based recovery, per-team vaults, and offboarding that revokes instantly.2026-07-17What does NIS2 require for incident-response access?NIS2 Article 21(2) requires in-scope entities to have incident-handling measures and secured emergency-communication systems as part of their risk management.2026-07-17What happens when your password manager is down?When a password manager is down, locked, or its owner is unreachable, you fall back to whatever emergency-access path you set up in advance.2026-07-17What break-glass evidence do SOC 2 auditors expect?SOC 2 auditors typically expect break-glass evidence covering who can trigger access, what approval was required, what was reached, and when it ended.2026-07-17What is a dead man's switch for credentials?A dead man's switch for credentials releases access automatically if you stop checking in, so critical logins aren't lost if you become unavailable.2026-07-17What is quorum-based (Shamir) secret sharing?Quorum-based secret sharing splits a key into shares so a threshold of independent people must combine theirs to recover it, and nothing below it works.2026-07-17What is a break-glass procedure?A break-glass procedure is a controlled process for emergency access to critical secrets or systems when the normal access path is unavailable.2026-07-16

Stay Updated

Get product updates and security insights. No spam, unsubscribe anytime.

We respect your privacy. See our privacy policy.