This process will protect your business from ex-employees
Every employee in the modern workplace creates a digital footprint. This starts as soon as they’re hired, with a company email address and application logins. They may even update their LinkedIn page to show their connection to your company.
When an employee leaves a company, it’s important to go through a process of “decoupling” them from the company’s technology assets. This digital offboarding is vital to cybersecurity.
To avoid data breaches and other malicious activity, it is crucial that you revoke all digital privileges from former employees. This process, called digital offboarding, includes revoking access to company data and much more. To help you remember everything, we’ve provided a checklist below.
Your Digital Off-boarding Checklist:
Transfer of Knowledge
When an employee leaves a company, the knowledge they have acquired throughout their time there disappears with them. It’s crucial to capture this information during a digital off-boarding process. This could be anything from the social media apps they used for company posts to productivity-enhancing methods, such as the best way to enter sales data into the CRM. Make sure you do a “knowledge download” with an employee during their exit interview or, better yet, have all staff regularly document procedures and workflows, so that this information is available even if the employee is not there to perform those tasks.
Address Social Media Connections to the Company
If the former employee is still connected to your company’s social media, reach out and address those connections. For example, does their personal Facebook account have admin privileges for your company page? Do they post on your LinkedIn page often?
Another thing to check is which applications are connected to your company pages on Facebook, Instagram, and LinkedIn.
For example, social media posts can be made through many 3rd party applications that sync with the social media website’s API and post on the company’s behalf. Make sure that passwords and access are changed on all 3rd party applications that are used to make social media posts, so that ex-employees do not keep this level of access after they depart the company.
Identify All Apps & Logins the Employee Has Been Using for Work
Unfortunately, not all employers have a list of every app and website login that an employee has. However, this is something you should be aware of, as employees often use unauthorized cloud apps for work purposes, without realizing the security consequences. This is why it’s important to have a solid Info Sec Policy that all employees must follow.
Make sure to ask about any apps the employee may have used for business activities, so that you can address them accordingly. This might involve changing the login or exporting company data before closing the account altogether.
Change Email Password
One of the first things you should do when an employee leaves your company is change their email password. This will prevent them from accessing sensitive company information or sending emails as a representative of your company. Accounts are typically not closed immediately because all past emails need to be stored, but changing the password ensures that the former employee cannot access anything.
Another thing to consider is whether the employee knew other employees’ credentials. For example, a VP’s assistant probably knows many of the same passwords that the VP does. If the assistant leaves the company, this will require changing both users’ passwords.
Change Employee Passwords for Cloud Business Apps
To ensure safety, change the passwords for all other applications as well. People often use personal devices to access business apps, so just because they can’t access their work computer anymore doesn’t mean they can’t still access their old accounts. By changing the passwords, you’ll be able to lock them out no matter what device they’re trying to use. To streamline this process, consider using a single sign-on solution. This can take the form of Azure. If you need help integrating Azure, AlphaCIS can help you with this.
Recover Any Company Devices
Immediately retrieve any company-owned devices from the former employee’s home to avoid losing the equipment. Remote employees are often given work equipment to use. Once an individual is no longer employed with a certain organization, they may attempt to get rid of or sell these items. Locking out the machines if they are not returned within a specified period of time would let the ex-employee know that the computer is useless to them, and that they should comply and return it to the company.
Recover Data on Employee Personal Devices
Although a “bring your own device” (BYOD) policy helps cut company costs, it makes the process of leaving the company more difficult. You must be certain to obtain all relevant data from these devices before an employee leaves. If your company does not have a backup policy for this already, now would be an ideal time to create one. The handling of BYOD must be clearly outlined in the Information Security Policy for your company.
Close Employee Accounts & Check your cloud Share permissions
Once an employee leaves your company, close their cloud account immediately. Maintaining inactive accounts is an open invitation to hackers. If there’s no one monitoring the account regularly, a criminal could gain access and steal data for months unnoticed.
If you are using a cloud-based file storage system for your company such as OneDrive/SharePoint or Google Drive, certain files and folders can be shared, depending on the permissions allowed in your organization. Anyone with a link to a file or a folder could potentially modify or view these files without needing direct permissions. If these permissions are allowed in your organization, an entire folder can be shared with any outsider, without the need to authenticate.
If you aren’t careful to manage this access, an ex-employee can have an open door to your company files long after they are gone, and long after you revoke their email and system access. Make sure you check your organization’s permissions and turn off the ability for employees to share files outside of the organization.
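One way to run the share-permissions check described above, as an added example that is not part of the original article: a short Python audit over an exported list of shares that flags anonymous links and shares to outside addresses, ranking anything created by a departed user first. The export below is constructed sample data, and its column names (path, link_scope, shared_with, created_by) are assumptions, not the export format of OneDrive, SharePoint or Google Drive.

```python
import csv
import io

# Constructed sample export; the column names are assumptions for this example,
# not the export format of any particular storage product.
SAMPLE_EXPORT = """path,link_scope,shared_with,created_by
/Sales/Q3-pipeline.xlsx,anyone,,jdoe@example.com
/Sales/Price-list.pdf,specific,jdoe.personal@mail.example,jdoe@example.com
/HR/Handbook.docx,organization,,asmith@example.com
/Finance/Budget.xlsx,specific,auditor@partner.example,asmith@example.com
/Sales/Leads,anyone,,asmith@example.com
"""

def audit_shares(export_text, departed, org_domain):
    """Return (severity, path, reason) findings, highest severity first."""
    departed = {u.lower() for u in departed}
    suffix = "@" + org_domain.lower()
    findings = []
    for row in csv.DictReader(io.StringIO(export_text)):
        scope = row["link_scope"].strip().lower()
        creator = row["created_by"].strip().lower()
        recipient = row["shared_with"].strip().lower()
        by_departed = creator in departed
        if scope == "anyone":
            # No sign-in is required, so disabling the account does not close this.
            reason = "anonymous link, no authentication required"
            severity = 3 if by_departed else 2
        elif recipient and not recipient.endswith(suffix):
            reason = "shared with external address " + recipient
            severity = 3 if by_departed else 1
        else:
            continue  # internal-only sharing, nothing to report
        if by_departed:
            reason += " (created by departed user " + creator + ")"
        findings.append((severity, row["path"], reason))
    # Highest severity first, then by path for a stable report order.
    return sorted(findings, key=lambda f: (-f[0], f[1]))

if __name__ == "__main__":
    for severity, path, reason in audit_shares(
            SAMPLE_EXPORT, departed=["jdoe@example.com"], org_domain="example.com"):
        print(severity, path, reason)
```

Severity 3 items are the ones to revoke during offboarding; severity 2 and 1 items are existing outside shares worth reviewing against your sharing policy.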
Remotely Lock Devices
Endpoint device management systems make it easy to revoke employee access.
It’s always a good idea to have the ability to encrypt and wipe devices remotely. This is critical if company property, such as a laptop, is stolen, or if a rogue employee refuses to return a company computer. Having the ability to remotely lock the data and access on that machine effectively renders the device useless. This could be crucial to prevent a data breach! Having the ability to locate the device could also aid in recovering your equipment if authorities are involved.
Managed Services Providers typically have the ability to remotely lock and wipe your devices using their monitoring and management software. If you don’t have an MSP, I suggest enrolling your devices with Microsoft Intune or joining the devices to AzureAD to gain some control over your devices. Odds are, if you have an Office 365 account, you are already paying for these features with Microsoft.
Restrict Physical Building Access
Key code access to the building is sometimes overlooked. Remember to restrict physical access to your building as soon as an employee leaves. If you use any door or gate codes, change them so the person can no longer enter. It is also a good idea to change any access codes the employee might have had access to, for example an access code that employees shared amongst themselves.
Need Help Reducing Offboarding Security Risk?
If you manage digital offboarding properly, the process is less complicated and comes with fewer risks. It’s important to have a checklist and procedures to follow. This can greatly reduce your cybersecurity exposure if done properly. If your company needs help developing a checklist or just needs someone to check and enhance your cybersecurity, please contact AlphaCIS, a Managed IT Services and Managed Security provider in Atlanta. You can schedule a quick call HERE or give us a call at (678) 619 1218 to see how we can help your business.
Dmitriy Teplinskiy
I have worked in the IT industry for 15+ years. During this time I have consulted clients in accounting and finance, manufacturing, automotive and boating, retail and everything in between. My background is in Networking and Cybersecurity.