You can find a digital footprint everywhere in the modern workplace. Employees produce them as soon as they start the job. A company usually provides them right away with an email account and application logins. Plus new job means they get to update their LinkedIn profile. What do you do when they leave? Is there a checklist for better digital offboarding.
When employees leave a company, there is a procedure that needs to follow. The employee is “decoupling” from the company’s technological resources in this process. Doing your due diligence when it comes to off boarding is vital to cybersecurity.
The last thing any business needs is a former employee to use their work email to send malicious emails to your clients. Private information on an employee’s computer can lead to a leak months later.
20% of the organizations experience a data breach in connection with a former employee.
Digital offboarding includes taking away privileges and access rights to business data and more. Each former employee must go through must go through this procedure in order to reduce risk.
Here we’ll go over the bases of what you should be doing.
Digital Offboarding Checklist
When people leave a business, extensive corporate knowledge can be lost. It’s important to capture this via a digital offboarding procedure.
It can be as simple as the login for the social media app the former employee ran for the company. Or productivity leveraging. Such as the best way for adding sales data to a CRM.
During the exit interview, be sure to download the knowledge that your employee has. Even better, have all staff routinely document the workflow and procedures of the position. In the event an employee is ever unavailable to do their task, the knowledge will still be available.
Address the Company’s Social Media Connections
Address whatever connections the former employee may have on social media. Is their personal Facebook account an administrator for the Facebook page of your business? Do they publish on the LinkedIn profile for your business?
Determine Every App & Login the User Has Been Using for Work
There should be a list of all the apps and website logins that an employee has in your HR or IT department. But you can’t just rely on that. Unauthorized cloud apps are frequently used by employees to do tasks. Typically, this is done without considering the implications for security.
Become aware of any apps the employee may have access to for work-related purposes. You must address these. If you want to continue using them, discuss changing the login. After exporting business data, you might also want to completely shut them down.
Change Email Password
One of the first things you should do is change the employee’s email password. This prevents a former worker from gaining access to company information. Additionally, it prevents them from sending emails on behalf of the business.
Due to the necessity of keeping emails, accounts are often not instantly closed. To make sure the employee no longer has access, you should reset the password.
Change Employee Cloud Business App Passwords
Change the passwords for all other apps. Keep in mind that many people use personal devices to access corporate apps. Therefore, just because they no longer have access to their work computer doesn’t imply they can’t log into their previous accounts.
When you change the password, you lock them out. This process is made simpler with a single sign-on solution.
Collect Back Company Devices
Ensure that you collect any company-owned equipment from the employee’s residence. A lot of at-home workers are given remote devices to use.
To prevent losing the equipment, you should do this as soon as you can. Devices may be sold, given away, or thrown away once people have left a company.
Recover Data from Employees Personal Devices
Plenty of employees use their own devices when working for a company. It saves a business money, but it will make offboarding more challenging.
You need to make sure you collect all the data on these outside devices.
Close Employee Accounts and Transfer Ownership of the Data
Keep outdated employee cloud accounts closed after a certain period of time. After transferring their data to a different user account, the account should be closed. A hacker is encouraged to access unused employee accounts that are left open. Breach instances are possible when the account is not being monitored. Data theft by a thief could go unreported for months after they get access.
Need Help Reducing Offboarding Security Risk?
The process is simpler and less dangerous when you deal with digital offboarding in a proactive manner. For a free consultation to improve your cybersecurity, get in touch with us right away.
If you’d like to find out more about what’s new in the tech world, make sure to follow our blog!
Click here to schedule a free 15-minute meeting with Stan Kats, our Founder, and Chief Technologist.
STG IT Consulting Group proudly provides IT Service in Greater Los Angeles and the surrounding areas for all of your IT needs.