Does your company have a plan in place for revoking IT access after an employee departure? If not, you could be putting your data at risk.
Although a necessary part of business operations, it’s never enjoyable to have to let someone go. Still, in this day and age, perhaps the more challenging aspect of employee termination is making sure the fired employee does not continue to have access to sensitive company data.
Actually, the same goes for employees who quit voluntarily. Once a worker stops being employed by you, their company access needs to end immediately — that day.
James Forbis, a Cincinnati IT consulting specialist with 4BIS.COM who regularly works with Southwestern Ohio businesses who are terminating employees offers some other tips for ensuring that employee termination is a smooth and secure experience from the IT perspective.
Figure out the logistics of the employee’s departure.
When it comes to logistics, we’re talking about knowing the circumstances of every employee departure so that you can act accordingly when it comes to revoking access to company data and accounts. Essentially, you need to know exactly when the worker will no longer be employed by your company.
Normally, the revocation of access would be immediate. The trouble is, employee departures can go any number of ways. You might have someone who is leaving voluntarily because they've found another job, are going back to school, or want to spend more time with their family. In these cases, the employee will usually give their “2 weeks’ notice.” Alternatively, an employee may be being let go, but there are no hard feelings. Or, in the worst-case scenarios, an employee is fired and leaves in a huff or quits and leaves in a huff.
No matter how an employee departs, their access must be revoked on their last day. But in these latter two cases, you need to take away their company access right away.
Have your IT department notified immediately.
Regardless of how an employee is leaving your company, the first department that should be notified is the IT department. Naturally, this is so that they can take the necessary measures to halt access to the individual’s account. Passwords must be changed, and all other necessary steps need to be taken to ensure your company data and systems are safe.
In the case of an employee who is leaving amicably, access can be revoked in a staggered manner during the last days of their time at work. During this time, an exit review should also be conducted. Exit reviews are beneficial for all employees who terminate employment with you, but understandably, they are not always possible.
Notify other departments as well.
All other departments in your company need to be notified of employee departures as well — after your IT department. In some rare cases, employees who have already had their IT access revoked have been known to contact ignorant company departments and fraudulently regain access through these employees.
Be on the lookout for suspicious activity.
After the worker is out of your employ, it’s important that your IT department continue to monitor your system for suspicious activity. In other words, they should have their “ears up” for access from that individual’s account and be on the lookout for any other abnormal occurrences.
The latter may signal someone is manipulating the system or attempting to carry out malicious activity remotely. Of course, this type of monitoring should always be in place, but awareness should be heightened after an employee departs.
Does Your Company Have an IT-Based Employee Termination Plan Already in Place?
If you don’t already have a plan for employee termination in place, it’s time to establish one. Talk to your managed service provider today. IT solutions specialists know the ways that your business is most vulnerable when it comes to revoking access. They can help make a decision on best practices for securing company data and systems after an employee leaves.