How to Identify (and close) Security Gaps in Employee Offboarding

20th Apr 2021

What is offboarding?

Wikipedia defines the term ‘Employee offboarding’ as “the separation process when an employee leaves a company”.

As soon as you know that a team member is resigning, you need to start your Employee Offboarding Procedure. The longer this takes, the more damage could be done to your relationship with them or to the security of your business and its systems.

What are the risks?

A study carried out in 2019 found that onboarding a new employee with everything they need to do their job can take between 2 and 4 days, while it can take up to 7 days and more to ensure that a former employee no longer has access to an organisation's information.

More than half of the 400 IT professionals interviewed said that they know someone who still has access to their former employer’s applications and data.

This data can be used in a malicious way and the three main concerns are:

  1. Leaking of sensitive data
  2. Cybersecurity hacks
  3. Introducing malicious data

Further risks are:

  • Selling of data to competitors (corporate espionage)
  • Poaching clients and customers
  • Continued use of company resources and systems for their own advantage

If a relationship with a former employee turns sour, the result is what is called an insider threat, and it is one of the most common causes of data breaches.

 

What to do to avoid issues?

  1. Add a non-disclosure agreement (NDA) to your employment contract

It starts with the paperwork when the employee joins the company. Both parties should enter into a confidentiality agreement, also known as a non-disclosure agreement (NDA), in which they agree to keep specific information secret. A confidentiality agreement is legally binding and often used to protect trade secrets and sensitive business information.

  2. Prevent automatic email forwarding and sharing files to personal accounts

Employees forwarding personal notes or other miscellaneous emails to themselves may be harmless, but at other times intellectual property is stolen. To prevent this, Microsoft 365 offers extensive Data Loss Prevention (DLP) capabilities, such as:

  • Restricting what files can be shared via email or accessed from outside of the organisation
  • Disabling of automatic email forwarders
  • Identifying sensitive information in files and emails and blocking distribution
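
As an added example (not part of the original article or any G2IT tooling), this is one way to check a leaver's mailbox for forwarding in Exchange Online and switch it off. It assumes the ExchangeOnlineManagement module and an Exchange admin role; the address `leaver@example.com` and the `-Remediate` switch are placeholders introduced for this sketch.

```powershell
# Added example: report (and optionally remove) mail forwarding for a departing employee.
param(
    [string]$Leaver = 'leaver@example.com',   # placeholder mailbox of the departing employee
    [switch]$Remediate                         # without this switch the script only reports
)

Connect-ExchangeOnline -ShowBanner:$false

# Domains the tenant owns; any forwarding target outside these is external.
$internal = (Get-AcceptedDomain).DomainName

function Test-External([string]$Target) {
    # Rule recipients look like '"Name" [SMTP:user@host]'; mailbox forwards like 'smtp:user@host'.
    if ($Target -match '(?i)smtp:[^@\]\s]+@([^\]\s]+)') { return $internal -notcontains $Matches[1] }
    return $false   # EX: (directory) recipients are internal objects
}

# 1. Forwarding configured on the mailbox itself.
$mbx = Get-Mailbox -Identity $Leaver
if ($mbx.ForwardingSmtpAddress -or $mbx.ForwardingAddress) {
    Write-Output "Mailbox forward: $($mbx.ForwardingSmtpAddress) $($mbx.ForwardingAddress)"
    if ($Remediate) {
        Set-Mailbox -Identity $Leaver -ForwardingSmtpAddress $null `
            -ForwardingAddress $null -DeliverToMailboxAndForward $false
    }
}

# 2. Inbox rules that forward or redirect to an address outside the organisation.
foreach ($rule in Get-InboxRule -Mailbox $Leaver) {
    $targets = @($rule.ForwardTo) + @($rule.ForwardAsAttachmentTo) + @($rule.RedirectTo) |
        Where-Object { $_ }
    $external = $targets | Where-Object { Test-External $_ }
    if ($external) {
        Write-Output "Rule '$($rule.Name)' sends mail to: $($external -join ', ')"
        if ($Remediate) { Disable-InboxRule -Identity $rule.Identity -Confirm:$false }
    }
}

# 3. Tenant-wide: block automatic forwards to every external domain that has no
#    remote-domain entry of its own.
if ($Remediate) { Set-RemoteDomain -Identity Default -AutoForwardEnabled $false }

Disconnect-ExchangeOnline -Confirm:$false
```

Run it once without `-Remediate` to review what would change, since step 3 affects every mailbox in the tenant, not only the leaver's.
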

  3. Revoke access to all applications

Eliminate the user’s unique identity (username or email address) and do not reuse the accounts for replacement staff. Include any third-party cloud-based programs they may have been using.

  4. Reset shared passwords

If your team is sharing one account for root access, password management or similar, make sure you reset the password each time an employee leaves the company. There is nothing worse than having former employees who know the access details for your root users or password management software!

  5. Return equipment (access cards, mobile phones, ID cards)

Ensure that the employee returns phones, laptops, storage devices, keys, and access cards. These devices contain sensitive information, open locked doors and are also a capital investment, which should be protected.

  6. Wipe personal devices

BYOD (bring your own device) policies have become a new norm since Covid-19. Make sure to remove company-owned data, programs and passwords from employees’ devices when they leave. If wiping devices remotely, make sure you remove only company-owned assets and avoid accidentally deleting personal information.

G2IT can assist you with the Employee Offboarding Procedure, so you can concentrate on other things. To discuss all things security, get in touch with G2IT.

Call 1300 325 487 or connect on Facebook and LinkedIn.