employees leave your company, thoroughly revoking their access to internal
systems and data is an absolute must. As one global SaaS provider puts it: “An
ex-employee with bad intentions can intentionally wreak havoc on your business,
while an ex-employee with good intentions can do so by accident.” Intent aside,
the potential for irrevocable damage from any departing staff member is real,
so offboarding, following an established and proven process to the T, should receive
the utmost attention.
the same procedure with everyone reduces the risk of accidental or deliberate
data theft and eliminates as many points of vulnerability as possible,” says
the Identity Management Institute, which also recommends strictly following a
checklist. Best practices like these and others can help you reduce your risks.
1) Collect Company-Owned Devices. Phones, laptops, and data-transfer-and-storage
devices not only contain sensitive information, they also represent a capital
investment, which must be protected.
2) Terminate Network Access. Completely eliminate the
user’s unique identity and don’t reuse the account for their replacement. Include
any third-party cloud-based programs they may be using.
3) Wipe Personal Devices. BYOD policies are widespread.
So be sure to remove company-owned data, programs and passwords from employees’
devices when they leave. If wiping remotely, be certain only to remove
corporately owned assets, as accidentally deleting personal information may
invoke a lawsuit you’ll almost certainly lose.