Executives are well-versed in the threat of hackers, but the bigger danger lies in legitimate login misuse. What might not be as apparent is the more significant risk posed by individuals wielding legitimate login credentials to access sensitive data improperly. The avenues for this threat are diverse, from employees unknowingly divulging passwords in phishing scams to casually sharing them with colleagues.

As alarming as this is for current employees, the potential dangers magnify when ex-employees retain functional passwords long after leaving. Shockingly, statistics from Intermedia reveal that 89% of former employees maintain access to at least one application post-departure. This underscores the urgency of implementing a thorough checklist for employee separations, be it voluntary or involuntary.

The following items should be collected on or before the employee’s termination date:

  • Laptops
  • Company-owned storage devices, such as external hard drives or flash drives
  • Company-owned phones
  • Company-owned credit cards
  • Access cards (such as those used to open building doors)

Login credentials to the following technology should be suspended on or before the employee’s termination date:

  • Company email and calendar applications
  • Telephone voicemail access
  • PIN-based alarm or door systems
  • Network or file access at all company locations
  • Online credit card account logins
  • Cloud-based software used by the company, such as Salesforce
  • Marketing accounts, such as social media or website logins
  • Company files (if any of these are on non-company owned devices, ensure they’ve been deleted)

Safeguarding your company against unauthorized access requires meticulous attention to detail during employee separations. Ensuring the prompt collection of company assets, suspension of login credentials, and the elimination of shared passwords are paramount. By swiftly addressing these tasks, you mitigate the risks associated with ex-employees retaining access long after their departure. This proactive approach not only safeguards sensitive information but also fortifies your company against potential security breaches. Additionally, removing references to departed employees in internal documents contributes to a comprehensive security strategy, fortifying your organization against potential vulnerabilities.

If you’d like help from a Managed Services Provider in building and enforcing an IT checklist for exiting employees, call us at 919.779.0954 or contact us online.