How to handle IT when an employee leaves

IT Consulting, Security

Exit Strategy

In the business world, employees come, and employees go.  While sometimes it’s amicable, sometimes, someone’s departure is anything but that.  However, in regards to your company’s data, there needs to be a process in place on making sure your data is secure when someone leaves the company.  This article will address that.

Level of access

The first, and most important thing to do, is to review what level of access an employee has to data.  This could be shared network drives, cloud storage, as well as shared email boxes.  You may need to limit the type of access they have during the transition period, and or monitor the email account of the person who is leaving.

Another area to consider is what type of network access do they have?  Are they a remote desktop user, or do they have full rights to your file server?  This is critical to not only know, but to manage properly, as having remote access to your company’s data, while someone is in transition, is a vulnerable time for your organization.

Securing Hardware

The next area to consider is what type of technology equipment does the outgoing person have?  Do they have a company smartphone?  Do they have a desktop only, or do they also have a laptop that they take home?  These things are important to secure, because not only are these items expensive in their own right, but locking down how and when data is accessed, when someone is exiting, is worth far more than the cost of the machine.

If they previously were a local administrator on their machine, you may want to change that access to a standard user account.  This helps to prevent programs from being installed, because it will require the credentials of someone with administrative access to install software.

Change Passwords

When someone leaves the company, passwords should be changed immediately, to prevent someone from making changes to your data, or worse, deleting it, after they have left.  Not doing this critical step could literally cost you money.  Not changing passwords is still one of the leading causes of IT sabotage, from former employees.  If you know that someone is about to be let go, your IT Department needs to have advanced notice of this, so that they can make preparations to revoke access.

Is this really necessary?

A recent study revealed that 48% of former employees still had some level of access to their previous employer’s network.  Imagine what someone could do if they still had access to your cloud collaboration software, or even just to an email account?  The results could be devastating.  If you want to make sure you have a solid IT exit plan in place, we are here to help.  Give us a call and we can get started.

Photo by Tarik Haiga on Unsplash

Share this Post