Tom Shanley, SVP of Technology Services for SmartSource®
Internal employee and contingent workforce offboarding can be a challenge for many businesses, whether the departure is voluntary or not. With talk of the ‘Great Resignation’ continuing, now is the time to put plans into action to safeguard company data.
In the past, departures were handled by an employee’s direct manager and the HR department, and rarely included IT. Today, however, business owners must account for the technical offboarding of employees to safeguard company data and prevent future access.
IT and HR departments must align offboarding processes and policies to negate the risks associated with any malicious behavior post-termination. While commonplace for employees to receive an overview of their lapsing financial and medical benefits, revoking access to internal and external systems is often an afterthought.
Documenting every folder, application, and website an employee uses for their job is critical. This action alone helps mitigate unwarranted access at the time of termination.
Every company’s offboarding needs will differ slightly; however, the below IT offboarding steps usually apply:
Typically, it’s best to have your IT team follow your internal offboarding policy while management and HR conduct the termination. As a result, when the employee exits the building, they’re also exiting your network.
Businesses can also take advantage of Identity and Access Management applications to more easily offboard employees and control access across internal and web-based systems. For example, your business likely has data on file servers and various websites that your employees access every day. Identity and Access Management applications allow you to create a single user account for everything an employee needs to access. When an employee exits the business, canceling this single account revokes their access to all systems simultaneously.
Management and IT spend a lot of time discussing network security and remediating any vulnerabilities that may exist within the network. The same focus should be given when protecting the business from internal sources, namely employees, who have access to the network and various web-based services. A major highlight in the modern age is that there is now many ways to monitor your security, even remotely.
Set policies and procedures that align management, HR, and IT with mitigating threats from exiting internal employees and any contingent workforce. You’ll be glad you did.