Cyber SecuritySecurity Culture

Employee Offboarding: A Legitimate Security Threat

Tough times call for stringent measures, and employee offboarding is one such action that demands utmost precision. Nonetheless, most organizations handle it poorly leaving security measures vulnerable. In this article at Security Intelligence, Sue Poremba elaborates on the potential cybersecurity risks surrounding improper employee separation. Moreover, she explains the right approach for companies to prioritize cyber-surveillance.

Wipe Out Digital Profile

Not all employees leave the organization with bad intentions but having a standard exit policy is critical. Often, people find it difficult to handle early offboarding or layoffs. They seek an opportunity to take revenge by hampering their employer’s brand reputation. If the former staff keep accessing your company data or secure IT network, it may soon create an internal threat.

According to the 2020 Insider Threat Report by Cybersecurity Insiders, about 63 percent of respondents believe former employees accessing old login accounts is a massive threat to any company. According to the Ponemon Institute, one such access can cause almost $750,000 in total losses to an enterprise.

Facilitate a Safe Exit

Following the data privacy regulations and compliance, companies must ensure a sound assessment of confidential data. Employee offboarding is part of it. You should not keep the former employee’s cloud accounts for long. Ensure they delete all the company applications and accounts by which they can access confidential data.

Secure HR Process

Indeed, you have a human resource division that can take care of IT and other safety measures during an employee’s exit from the company. However, it would be ideal if HR worked in collaboration with the IT security team to maintain the following checklist for employee offboarding:

  • Build an inventory of the departing employees’ digital history in the organization. Make sure they log out of each company device once used for official purposes.
  • IT executives must give exiting employees or their managers a deadline to delete accounts or hand over company assets.
  • Cybersecurity teams must monitor the digital moves of the employees leaving your organization. Ensure they do not download anything or use external devices to misuse or breach IT infrastructure.
  • If possible, install a data management solution to retain necessary information from the separating staff. Also, delete their digital account from every network they frequently accessed. Perform a cybersecurity check right before they finally leave the building.
  • Do not forget to change the common password once given to them for emails, company data, conference calls, etc.
  • You may utilize the zero-trust security model to avoid potential cybersecurity threats.

Click on the following link to read the original article:

Related Articles

Back to top button

We use cookies on our website

We use cookies to give you the best user experience. Please confirm, if you accept our tracking cookies. You can also decline the tracking, so you can continue to visit our website without any data sent to third party services.