When an employee leaves, it’s like a divorce, except the departing worker only gets to take items that he brought with him/her. When a couple gets divorced, they bifurcate their assets and usually remove each other from their various shared accounts including financial, credit, and social media. They also prohibit access to each other’s computers. The same goes when an employee leaves your company – they should not be free to play in your sandbox anymore.
Your HR department can handle some of the offboarding duties, but the digital footprint should be erased by your internal IT support department or outsource IT services team.
There are digital footprints all over the modern workplace is. As soon as you hire someone, they begin leaving their footprints - company email addresses, application logins, and even social media like LinkedIn.
The moment an employee leaves a company, there is a process that immediately needs to begin: The process of ‘decoupling’ the employee from the company’s technology assets. Complete and thorough digital offboarding is vital to Cybersecurity.
Former employees can steal data because they hold a grudge or want to profit from it. They could use their work email to maliciously email all your customers and vendors. Sensitive files left on a former staffer’s computer could leak months later.
20% of surveyed businesses have experienced a data breach connected to a former employee.
Revoking privileges to company data is just the first, and most crucial, step in digital offboarding. This is a critical process to go through to reduce any risk related to a former staff member.
Refer to the following checklist to help you cover all your bases.
Your Digital Offboarding Checklist
Transfer of Knowledge
Important corporate knowledge can disappear when a person leaves an organization, and that does not mean data – it’s about the nuts and bolts of knowing how things are done. It’s crucial to capture this during the digital offboarding process.
There are a variety of ways to do this, from something as simple as what social media app someone used for company posts to the best way to enter the sales data into the CRM. Is the departing employee the ‘go-to’ person for any applications or processes? You do not want to find out that nobody knows how to perform a function after the employee leaves.
You should have all staff members regularly document procedures and workflows. Be sure to do a knowledge download with an employee during the exit interview. This makes the knowledge available if the employee is not there to perform those tasks.
Examine Social Media Connections to the Company
Examine all social media connections to the former employee. Is their personal Facebook user account an admin for your company's Facebook, Twitter, You Tube, or LinkedIn page? Was posting on those sites one of their duties? If they had administrative duties with these sites, make sure their login credentials don’t disappear when they leave.
Identify All Apps & Logins the Person Has Been Using for Work
Your IT services team or your HR department should have a list of all the apps and website logins that an employee has. Do not just assume this - be certain. Employees often use unauthorized cloud apps to do their work (known as Shadow IT). This is usually done without taking considering the Cybersecurity consequences.
Make sure to keep ongoing track of any apps that employees may use for business activities. You will need to address these. Change the login if you plan to continue using them, or simply close them altogether after exporting company data.
Change Email Login Credentials
All too often, this is the only thing managers think they need to do after an employee’s departure – and it is crucial. Changing the employee’s email password should be one of the first things you do. This keeps a former employee from getting company information. It also keeps them from emailing as a representative of the company.
Typically, accounts are not closed immediately because emails need to be stored. If the employee was in sales, incoming emails may have considerable value – re-ordering merchandise or accepting a proposal for services so automatic forwarding should be set up.
Change Employee Login Credentials for Cloud Business Apps
When so much business is done in the cloud, you must change all app passwords. People often access business apps on personal devices. Just because they can’t access their work computer any longer, it doesn’t mean they can’t access their old accounts from other devices. Make sure this is covered.
Changing the passwords locks them out no matter what device they are using. The process can be simplified with a single sign-on solution.
Recover All Company Devices
It’s very important to recover any company-owned devices from the departing employee’s home.
This process cannot be allowed to lag behind. Do it as soon as possible to avoid the loss of the equipment. Once people no longer work for a company, they may sell, give away, or even toss the devices in the trash.
Recover Data on Employee Personal Devices
For any devices that the employee owns but uses for business under a Bring Your Own Device (BYOD) policy, be sure to recover and wipe personal devices of all company data. BYOD saves money, but it adds steps to an efficient and thorough offboarding.
You need to ensure you’ve captured all company data on those devices. If you don’t already have a backup policy in place for this, now is a good time to create one.
Transfer Data Ownership & Close Employee Accounts
Do not let old employee cloud accounts remain open indefinitely. Choose a user account to transfer their data to and then close the account. Any unused and unmonitored open employee account is an invitation to a hacker. With no one monitoring the account, breaches can happen. Completely unnoticed, a criminal could gain access and steal data for months.
Revoke Access by Employee’s Devices to Your Apps and Network
This should be regarded as Rule number ‘DUH!’ Using an endpoint device management system, you can easily revoke device access. Remove the former employee’s device from any approved device list in your system.
Change Building Digital Passcodes
Be careful not to let physical access to your building fall through the cracks. If you have any digital gate or door passcodes, be sure to change these so the person can no longer gain entry.
Need Help Reducing Offboarding Security Risk?
When you proactively address digital offboarding, the process is easier and less risky. Contact us today for a free consultation to enhance your Cybersecurity.
Frequently Asked Questions
Who is responsible for offboarding?
This is usually a responsibility shared by management and HR. The technical aspect of removing access to the network and all apps is left up to the IT services team.
How do you offboard an employee?
The checklist above refers only to actions taken after an employee leaves or turns in a resignation. How an employee is initially offboarded is through resignation, termination, retirement, or death.
How can you tell if a high performer is leaving?
There are a few tell-tale signs:
1) They were recently passed over for a raise or promotion.
2) They seem less interested in advancement.
3) They become more quiet and reserved.
4) Productivity slows down.
5) They contribute less at company meetings.
6) They take more time off/sick days.
There are other factors that indicate frustration which could lead to their departure. Increased complaining is often a dead giveaway.
Does BYOD increase risks or drive benefits?
There is little doubt among the IT Services community that BYOD (Bring Your Own Device) increases an organization’s security risks, as corporate information can be accessed and stored on personal devices. When a company institutes this policy, they must plug all security holes and the employee MUST accept a certain amount of company and IT support oversight on their device(s).
There are certainly benefits, the greatest of which is that BYOD costs less than buying devices for employees and paying the monthly service fees.
How secure is your network?
As a longstanding, reputable member of the Charlotte IT Support community, ITFirm.com offers a FREE, no-risk network and Cybersecurity assessment. We perform a non-intrusive scan that allows us to deliver a comprehensive report of the state of your system and its vulnerabilities that is yours to keep. There are no strings attached, and you are under no obligation ever to use our IT services.
The two best defenses are next-generation Cybersecurity to protect your data from theft, and a top-notch Managed Services Provider to ensure continued reliability and defenses against newly emerging threats.
We put our 100% Money Back Guarantee in writing, so there is no risk in trying us out. Because we do not require a ‘hard’ contract, our clients can fire us at any time with 30 days’ notice. We have to be good.
Among the Managed IT services we provide:
IT HelpDesk Service
Onsite IT Support
Cybersecurity
Cloud migration and management
Email migration services
Backup and disaster recovery
VoIP phone systems
IT disposition and recycling
Office moves
White label services (IT to IT)
Planning an Office Move?
We have the experience to ensure a seamless transition. Your employees will arrive at the new location to find their IT infrastructure ready and open for business! For more information, or to receive your FREE no-risk network and Cybersecurity assessment, just fill out the form on this page or call us at:
704-565-9705
