The contemporary workplace is saturated with digital footprints. Workers start producing these as soon as they are employed. They receive application logins and a corporate email address. They might even change their LinkedIn profile to establish a connection with your business.
There is a procedure that must be followed when an employee departs from a company. This is how an employee is “decoupled” from the company’s technological resources. Cybersecurity requires this digital offboarding.
It is not desirable for a former worker to send malicious emails to all of your clients using their work email. Months after a former employee’s computer is used, sensitive files on it may leak.
Removing access to company data, among other things, is part of digital offboarding. For each former employee to lower risk, completing this process is essential.
To assist you in covering all the bases, we’ve included a helpful checklist below.
Your Digital Offboarding Checklist
Knowledge Transfer
When a person leaves an organisation, a lot of corporate knowledge can vanish as well. This should be recorded as part of the digital offboarding procedure.
This might be as straightforward as the social media platform that someone used to post about their business. Or it might be the leveraging of productivity. For example, how to input sales data into the CRM most effectively.
During the exit interview, be sure to conduct a knowledge download with the departing employee. Even better, have all employees routinely record workflows and procedures. This allows access to the knowledge in the event that the employee is unavailable to carry out those duties.
Address Social Media Connections to the Company
Take care of any social media ties you may have with the former worker. Is the admin of your company’s Facebook page using their personal account? Do they share content on your business’s LinkedIn page?
Identify All Apps & Logins the Person Has Been Using for Work
Ideally, a list of all the apps and website logins that an employee has will be available to your HR or IT department. However, this cannot be assumed. Workers frequently use unapproved cloud apps for work. Usually, this is done without considering the implications for security.
Verify whether you are aware of any apps the worker may have utilised for work-related purposes. These will need to be taken care of. If you intend to use them going forward, either change the login. Alternatively, you might want to export company data and then close them completely.
Change Email Password
Among the first things you should do is change the employee’s email password. This prevents a former worker from obtaining information about the company. Additionally, it prevents them from sending emails on behalf of the business.
Account closures are usually delayed because emails must be kept on file. Nonetheless, to make sure the worker no longer has access, you should update the password.
Change Employee Passwords for Cloud Business Apps
Change all other app passwords. Remember that people often access business apps on personal devices. So, just because they can’t access their work computer any longer, doesn’t mean they can’t access their old accounts.
Changing the passwords locks them out no matter what device they are using. You can simplify the process with a single sign-on solution.
Recover Any Company Devices
Ensure that any devices owned by the company are retrieved from the home of the employee. Equipment is frequently given to remote workers to use.
To prevent losing the equipment, you should take this action as soon as you can. When an employee leaves a company, they might sell, donate, or discard gadgets.
Recover Data on Employee Personal Devices
BYOD, or bring your own device, is a popular policy in many businesses. Although they save money, this may make the offboarding process more challenging.
Make sure all of the company’s data is off those devices. This is a good time to create a backup policy if you don’t already have one in place.
Transfer Data Ownership & Close Employee Accounts
Don’t leave outdated employee cloud accounts active forever. After selecting a user account to which to move their data, terminate the account. Hackers are invited in when employee accounts go unused. Breach scenarios are possible if the account is not being monitored. An intruder might obtain entry and steal information covertly for several months.
Revoke Access by Employee’s Devices to Your Apps and Network
Removing device access is simple to do with an endpoint device management system. Take the former employee’s device out of any system lists of authorised devices.
Change Any Building Digital Passcodes
Remember that your building’s physical access is important. Make sure to update any digital gate or door passcodes you may have so the offender can no longer enter.
Need Help Reducing Offboarding Security Risk?
When you proactively address digital offboarding, the process is easier and less risky. Contact us today to chat about enhancing your cybersecurity.