In a perfect world, employees love their jobs, work hard, never quit, and never need to be terminated. Sadly, reality requires us to be more realistic. Inevitably, an employee will leave. You miss good employees who move on. With some employees, everyone may rejoice as soon as they walk out the door.
Regardless of the reasons for departure, steps must be taken to protect the organization’s interests. Every company has sensitive data that needs protection. Every employee, current or former, possesses knowledge of that data or the means to access it. You can prevent data compromise with a few simple steps.
Have Company Devices Returned
Often, companies lend devices to employees to allow them to perform their jobs. This could include phones, laptops, hard drives, USB flash drives, and more. All of these items contain company data. Requiring their return allows you to maintain as much control over that data as possible.
If you don’t have a list of equipment loaned to each employee, you should start making one now. This makes tracking those devices down much easier should the time come.
Block Access To Email Accounts
If you gave the employee a company email, change the password and/or disable the account. If vendors or customers might send messages to that address, be sure to forward the employee’s address to another employee or shared mailbox within the company.
Don’t delete the account right away. You may need existing messages within the account. In some industries, laws require keeping that data for a certain period of time. Just take whatever steps are necessary to prevent unauthorized access. Transfer any messages for easy access in the future. If you’re certain you have everything you need and aren’t required to keep the data, delete it. However, be careful when doing so.
Change Company Passwords & Disable Accounts
Typically, employees have access to company passwords or their own accounts. This can include anything from the following:
- Network account (Active Directory or Windows)
- Printers, scanners, and copiers
- Network hardware
- WiFi passwords
- Company website or blog
- Vendor websites
- Social media accounts
Disable the employee’s user account within your network. Again, you may not want to delete it. Deleting the account could erase any activity logs associated with the account as well. Tracking their activity would be impossible at that point.
If you provided remote access, remove or deactivate the account. Remote access could exist through a VPN or remote software like LogMeIn. No former employee should be able to access any piece of the company’s infrastructure.
If employees share access to certain company accounts, change those passwords. (We highly encourage providing employees their own accounts.) Employees regularly save them within browsers or password managers for easier use. This often happens on their own personal devices as well. If the employee’s device gets hacked in the future, your accounts could be at risk too. Additionally, unhappy employees pose a threat that could cause more problems.
Let Your IT Department Know
Please do this first. You should work closely with your IT department. This process goes much smoother when IT professionals perform most of the tasks listed above. This also ensures that they know to watch for suspicious activity with related accounts as well.
Take The Time
You know how long it takes to get a new employee up and running with access to everything they need. It takes the same amount of time to undo all of that access as well. It may be a hassle, but eliminating any risk makes it worth the time. For clients of Pit Crew IT Services, we can assist with much of this and save you some time. If you’re not a current client, simply request a free consultation below. Let us overhaul your existing IT solution to make your business fast and efficient!