A few years ago, at a social event, we heard a guy brag about how he used the resources of his former company to land a major client. He believed he had learned as much as he could and had repaid the company for the training they had given him.
When he left, he realized he still had access to some of the organization's proprietary information. He decided to use it to become a competitor and land that client.
Here is an instance where someone left the company of his own free will, without ill will, yet he continued to illegally use the organization's resources. So we can only imagine what a disgruntled former employee might do.
Most of the security risk posed by former employees stems from improper offboarding. A business puts itself at significant risk when it fails to remove a former employee from its network appropriately.
A survey of 1,008 employees by Beyond Identity found that 1 in 4 ex-employees still had access to their employers' files. Plus, in 2020, 20% of companies reported data breaches from disgruntled former employees.
So, what can you do to prevent a former employee from becoming a security risk?
The following measures may seem simple, but the corresponding mistakes are easy to make, and each one opens an opportunity for someone to steal information.
One of the earliest things you can do to prevent a former employee from becoming a security risk is to be proactive and observe their behavior post-resignation. Disgruntled people who wish to cause harm will often exhibit signs that something is amiss.
You should be on the lookout for:
If the former employee damages company property, makes threats or opposes efforts to maintain security, these should raise red flags.
Many companies don't conduct exit interviews and those that do only ask why the employee is leaving. While you should still ask those questions, you also need to ask about the company's items in their possession.
You want to ensure they do not take any company devices or information or access any accounts or systems before leaving. You must ensure that your former employees can no longer access company assets or information once they leave.
To prevent former employees from accessing proprietary information and systems, you should change all your passwords immediately after an employee leaves. The best approach is to err on the side of caution, even if you have no reason to believe the employee is a security risk.
While changing your passwords, look for other ways former employees might have access to sensitive information and take care of any holes in your company's policies and procedures.
Permissions on folders and applications are another place to cut off former employees' access to important data. One way is to remove them from groups that grant extended permissions to network resources.
If the employee belonged to multiple groups, you may need to add certain groups back after removing them from the ones that grant too much access. You should also review security groups that grant access based on job title and make changes where necessary.
Conduct an offboarding audit when employees resign or are terminated. You should do this within 30 days of the person leaving the company and cover all devices used while you employed them.
The audit should include checking email accounts for any confidential information that might have been downloaded or sent. Check if files have been deleted from shared drives or cloud services.
Sometimes the IT team is not even told that an employee has left. Avoid this by setting up an automated process that deactivates inactive accounts and changes passwords after a set period, so that a former employee's access to the company network is disabled quickly even if the departure was never reported.
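As an added example (not code from the article), the script below models two of the controls described above on a constructed directory snapshot: the group review for a departing user (strip groups that grant extended permissions, keep the baseline, compare against what the job title justifies) and the automated flagging of inactive accounts for deactivation. The group names, job titles, account records and the 30-day idle threshold are assumptions for illustration.

```python
from datetime import datetime, timedelta

# Constructed directory snapshot (illustrative, not from the article); a real
# run would read this from an AD/LDAP export or an identity provider API.
ACCOUNTS = {
    "jsmith": {"title": "Analyst", "enabled": True, "last_login": "2024-01-05",
               "groups": ["Domain Users", "Finance-ReadWrite", "VPN-Users"]},
    "adoe":   {"title": "Sales Rep", "enabled": True, "last_login": "2024-03-01",
               "groups": ["Domain Users", "Sales"]},
    "rlee":   {"title": "Analyst", "enabled": False, "last_login": "2023-11-20",
               "groups": ["Domain Users"]},
}
# Groups that grant extended permissions to network resources (assumed names).
PRIVILEGED_GROUPS = {"Finance-ReadWrite", "VPN-Users", "Domain Admins"}
# Baseline membership an account keeps until the account itself is deleted.
BASELINE_GROUPS = {"Domain Users"}
# Groups each job title is expected to hold; anything beyond this gets reviewed.
TITLE_GROUPS = {"Analyst": {"Domain Users", "Finance-ReadWrite"},
                "Sales Rep": {"Domain Users", "Sales"}}

def stale_accounts(accounts, as_of, max_idle_days=30):
    """Enabled accounts with no sign-in for more than max_idle_days as of the
    given YYYY-MM-DD date: the candidates an automated job should disable."""
    cutoff = datetime.strptime(as_of, "%Y-%m-%d") - timedelta(days=max_idle_days)
    return sorted(name for name, a in accounts.items()
                  if a["enabled"]
                  and datetime.strptime(a["last_login"], "%Y-%m-%d") < cutoff)

def offboarding_plan(accounts, user):
    """Group changes for a departing user: strip everything except the
    baseline, and report which of the removed groups were privileged."""
    current = set(accounts[user]["groups"])
    return {"remove_groups": sorted(current - BASELINE_GROUPS),
            "privileged_removed": sorted(current & PRIVILEGED_GROUPS),
            "keep_groups": sorted(current & BASELINE_GROUPS)}

def apply_offboarding(accounts, user):
    """Disable the account and apply the plan; returns the updated record."""
    plan = offboarding_plan(accounts, user)
    accounts[user]["enabled"] = False
    accounts[user]["groups"] = plan["keep_groups"]
    return accounts[user]

def excess_groups(accounts, user):
    """Groups beyond what the user's job title justifies (title-based review)."""
    a = accounts[user]
    return sorted(set(a["groups"]) - TITLE_GROUPS.get(a["title"], set()))

if __name__ == "__main__":
    print("stale as of 2024-03-15:", stale_accounts(ACCOUNTS, "2024-03-15"))
    print("excess for jsmith:", excess_groups(ACCOUNTS, "jsmith"))
    print("plan for jsmith:", offboarding_plan(ACCOUNTS, "jsmith"))
```

In a real deployment the snapshot would be pulled from the directory and the plan applied through its API, with the removed groups logged for the offboarding audit.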
As more employees work under bring-your-own-device (BYOD) policies, it's critical to have data encryption software installed on every device that accesses your network, whether the owner is a current employee or no longer with the company.
When considering employees who have amicably left the company, you may be more inclined to let your guard down. However, this is when you're most at risk of facing an insider threat.
Many former employees will still have access to your network and won't have any qualms about taking advantage of that access if they feel it benefits them in some way. That's why it's crucial to keep security measures consistent across the board.
The first step in preventing a security breach by a former employee is to make sure they understand the risks and consequences during onboarding. The warning could include information such as:
Beyond this, make sure all employees read and sign an acknowledgment form related to the proper handling of confidential information, whether it's physical or digital. Include language that makes sure employees understand that these rules still apply even after leaving the company.
Some former employees will leave on bad terms. But the best way to avoid a disgruntled ex-employee becoming a security risk is to try to leave them with a positive impression. A simple thank you note, praise for their work, and even a gift card can go a long way.
You might even consider sending your former employee an email before they leave, just to express your appreciation and to let them know you have no hard feelings.
It's also essential to take care of any other issues related to benefits or severance packages or any concerns about fraud or theft. If you don't do everything you can, your reputation may suffer, and it could be challenging to find great employees in the future.
Employees who leave your company take along a lot of knowledge about your business. Perhaps they know where you store your financial data or have an understanding of the inner workings of your network's security software.
While these details might seem innocuous to you, they could present a tempting opportunity for an employee who has left disgruntled. To prevent this, you should have an effective offboarding plan in place.
This should include issuing a warning about the importance of protecting confidential information and setting up security measures on their access devices. Again, many of these things seem elementary but when executed consistently, they can go a long way to prevent former employees from becoming significant security risks.