Logicle IT

View Original

Checklist for Better Digital Offboarding of Employees

Digital footprints cover today's modern workplace. Employees begin making these the moment they're hired. They get a company email address and application logins. They may even update their LinkedIn page to connect to your company.

When an employee leaves a company, a process needs to happen: "decoupling" the employee from the company's technology assets. This digital offboarding is vital to cybersecurity. 

You don't want a former employee to email all your customers from their work email maliciously. Sensitive files left on a former staffer's computer could leak months later.  

20% of surveyed businesses have experienced a data breach connected to a former employee. 

Digital offboarding entails revoking privileges to company data and much more; it's a critical process for each former staff member to reduce risk.

Below, we've provided a handy checklist to help you cover all your bases.

Your Digital Offboarding Checklist

Knowledge Transfer

Vast corporate knowledge can disappear when a person leaves an organisation. So it's essential to capture this during a digital offboarding process; this could be something as simple as what social media app someone used for company posts. Or it may be productivity leveraging. Such as the best way to enter the sales data into the CRM.

Ensure a knowledge download with an employee during the exit interview. Better yet, have all staff regularly document procedures and workflows, making the knowledge available if the employee is not there to perform those tasks.


Address Social Media Connections to the company 

Address any social media connections to the former employee. For example, is their personal Facebook user account an admin for your company's Facebook page? Do they post on your corporate LinkedIn page? 

Identify All Apps & Logins the Person Has Been Using for Work

Hopefully, your HR or IT department will have a list of all an employee's apps and website logins. But you can't assume this. Employees often use unauthorised cloud apps to do their work without realising the security consequences.

Ensure you know of any apps the employee may have used for business activities. First, you will need to address these. Then, either change the login if you plan to continue using them. Or you may want to close them altogether after exporting company data.

Change Email Password

Changing the employee's email password should be one of your first things; it keeps a former employee from getting company information and prevents them from emailing as a company representative. Accounts are typically not immediately closed because emails need to be stored. But it would be best if you changed the password to ensure the employee no longer has access.

Change Employee Passwords for Cloud Business Apps

Change all other app passwords. Remember that people often access business apps on personal devices. So, just because they can't access their work computer any longer doesn't mean they can't access their old accounts. Changing the passwords locks them out no matter what device they are using. You can simplify the process with a single sign-on solution.

Recover Any Company Devices

Make sure to recover any company-owned devices from the employee's home. Remote employees are often issued equipment to use. It would be best if you did this as soon as possible to avoid the loss of the equipment. Once people no longer work for a company, they may sell, give away, or trash devices.

Recover Data on Employee Personal Devices

Many companies use a bring your own device (BYOD) policy. It saves them money, but this can make offboarding more difficult. You need to ensure you've captured all company data on those devices. If you don't already have a backup policy in place for this, now is an excellent time to create one.

Transfer Data Ownership & Close Employee Accounts

Don't keep old employee cloud accounts open indefinitely. Instead, please choose a user account to transfer their data and close the account. Leaving unused employee accounts open is an invitation to a hacker. With no one monitoring the account, breaches can happen. A criminal could gain access and steal data for months unnoticed.  

Revoke Access by Employee's Devices to Your Apps and Network

Using an endpoint device management system, you can easily revoke device access. Remove the former employee's device from any approved device list in your system.

Change Any Building Digital Passcodes

Don't forget about physical access to your building. If you have any digital gate or door passcodes, change these so the person can no longer gain entry.

Need Help Reducing Offboarding Security Risk?

The process is more accessible and less risky when proactively addressing digital offboarding. Contact us today for a free consultation to enhance your cybersecurity; GET IN TOUCH.

This article is used with permission from The Technology Press.