Best Practices for Disabling, Deleting & Locking Down Past Employee Accounts
In today’s business environment, employees leave all types of digital footprints while doing their day-to-day tasks. They have email, cloud accounts, remote logins to company assets, and more. It’s the nature of the way we work. IT solutions have become synonymous with business operations, especially cloud services. This makes the offboarding process when an employee leaves more complicated. Rather than just being concerned about an employee’s computer and the data it holds, companies have to consider all the cloud assets that employees have accounts for. Accounts aren’t always disabled right after an employee leaves, which becomes a big vulnerability. Approximately 67% of companies worry about security incidents being caused by malicious employees. Part of any solid cybersecurity policy should include thorough account offboarding to lock down those accounts as soon as an employee has been terminated or has quit.
What Can Happen if You Leave a Former Employee’s Accounts Active?
No matter how great a parting is, if you leave a former employee’s accounts active, you’re leaving your network and data at risk. Here are some of the potential security implications if you don’t immediately delete, disable, or shut down former employee accounts.
Employees Can Still Access Email
If you don’t change the password or disable an employee’s email, they could use it to try to steal customers and take them to a competitor, or to spread malicious information about your organization. There’s also the problem of customers or others in your organization not knowing the employee has left because there is no autoresponder on their email, so they may continue sharing company information that the employee could access. Many employees have their work email on their personal devices, so if they haven’t specifically deleted it and you haven’t disabled the account, they can still have access, even if they can’t access their main workstation.
Cloud Data Risk
Employees are often on multiple company cloud accounts. The average employee uses at least eight different cloud applications for work. Some may also use apps for work that you’re unaware of (shadow IT). With access to those cloud accounts after they’re gone, employees could delete data, either maliciously or innocently, thinking they’re “cleaning things up.”
Non-Updated Apps Can Lead to Breaches
If a former employee doesn’t remove a business app from their phone, there’s a chance it will just stay there, logged in and not being updated because they no longer use it. A non-updated app can lead to a security breach if malware is introduced on that former employee’s device. The active connection to their old company cloud account could mean a breach risk you weren’t even aware of.
You Can End up Paying Too Much for Cloud Services
An obvious reason to disable former employee accounts as soon as possible is that most cloud platforms charge you on a per-user basis. So, keeping old accounts open means you’re paying more than you need to for your cloud subscriptions.
How to Properly Lock Down Accounts When an Employee Leaves
Here are several tips for properly handling all those digital accounts when an employee leaves your company.
Do an Exit Interview
Shadow IT use has been on the rise as more employees work remotely from home. It’s not always done maliciously, and often someone is just trying to get work done and they look for an app to help. But if you don’t know an employee was using a task management app to catalog all their activities, you won’t know to secure the account and glean any necessary business data. It’s important to do an exit interview for departing employees and ask them about all the apps they used for their work so you can uncover any shadow IT that you need to address.
Change Email Password & Set Autoresponder
You may not want to immediately turn off an employee’s email because it could cause you to miss important client communications. But you definitely should do the following to secure the email account:
- Change the password so the former employee doesn’t have it
- Forward the mail to another email address
- Set up an autoresponder so senders know who to contact instead of that former employee
Audit the Web/Account Activities of the Employee
It’s important to have software in place that allows you to monitor employee and device access to your cloud accounts, server, and other digital company assets. Audit the activities of employees prior to their leaving to see if there were any unusual activities, such as:
- Copying files in bulk
- Unusual online behavior that differs from the norm
- Attempts to access unauthorized data
- Attempts to install unapproved software on the company network
- Addition of a new mobile device to access business data
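One way to run that review over an exported audit log, as an added example that is not part of the original article. The event tuples, action names and thresholds are constructed for illustration; a real export from your cloud admin console will use different field names, and every install event is surfaced here for a person to check against the approved list.

```python
from collections import Counter
from datetime import date, timedelta

def sample_events():
    """Constructed audit export: (user, day, action, detail) tuples."""
    last_day = date(2024, 5, 31)
    ev = []
    for back in range(20, 80):  # baseline: 5 downloads a day before the window
        ev += [("jdoe", last_day - timedelta(days=back), "file_download", "share")] * 5
    ev += [("jdoe", last_day - timedelta(days=3), "file_download", "share")] * 400
    ev.append(("jdoe", last_day - timedelta(days=5), "device_registered", "phone-2"))
    ev += [("jdoe", last_day - timedelta(days=4), "access_denied", "/finance")] * 3
    ev.append(("jdoe", last_day - timedelta(days=2), "software_install", "sync-tool"))
    ev.append(("asmith", last_day - timedelta(days=3), "file_download", "share"))
    return ev, last_day

def review_departure(events, user, last_day, window_days=14, bulk_factor=10):
    """Return (kind, detail) findings for the window before last_day."""
    start = last_day - timedelta(days=window_days)
    mine = [e for e in events if e[0] == user and e[1] <= last_day]
    recent = [e for e in mine if e[1] > start]
    earlier = [e for e in mine if e[1] <= start]

    # "Differs from the norm": compare each recent day with the user's own
    # busiest download day before the window, not with a fixed number.
    base = Counter(day for _, day, act, _ in earlier if act == "file_download")
    peak = max(base.values(), default=0)
    daily = Counter(day for _, day, act, _ in recent if act == "file_download")
    findings = [("bulk_copy", f"{day}: {n} downloads, earlier peak {peak}")
                for day, n in sorted(daily.items())
                if n > max(peak, 1) * bulk_factor]

    known = {d for _, _, act, d in earlier if act == "device_registered"}
    denied = Counter(d for _, _, act, d in recent if act == "access_denied")
    for _, day, act, detail in recent:
        if act == "device_registered" and detail not in known:
            findings.append(("new_device", f"{day}: {detail}"))
        elif act == "software_install":
            findings.append(("software_install", f"{day}: {detail}"))
    findings += [("denied_access", f"{t}: {n} attempts") for t, n in sorted(denied.items())]
    return findings

if __name__ == "__main__":
    events, last_day = sample_events()
    for finding in review_departure(events, "jdoe", last_day):
        print(finding)
```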
Disable All Cloud Account Access Right Away
It’s important to disable an employee’s access to any cloud accounts or other remote login accounts they used. If you need to move data first, then at least start by changing the password so you’ve blocked access while you’re taking care of the housekeeping tasks. Tips for disabling employee accounts:
- Immediately change the account password
- Pull user audit reports to review activity prior to the employee leaving
- Migrate the account data to another user (most systems will give you this option when you delete the account)
- Once all data has been moved safely, delete the employee’s account
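The four steps above can be checked mechanically by reconciling the HR leaver list against an account inventory. This is an added example, not part of the original article; the services, users, field names and timestamps are constructed, and a real inventory would come from each platform's user export.

```python
from datetime import datetime

# Constructed data: user -> termination time, and one row per cloud account.
LEAVERS = {"jdoe": datetime(2024, 5, 31, 17, 0)}

def acct(service, user, pw_changed, last_login, owned_items, deleted=False):
    return {"service": service, "user": user, "pw_changed": pw_changed,
            "last_login": last_login, "owned_items": owned_items, "deleted": deleted}

ACCOUNTS = [
    acct("mail", "jdoe", datetime(2024, 5, 31, 17, 5), datetime(2024, 5, 31, 9, 0), 1200),
    acct("crm", "jdoe", datetime(2024, 1, 10), datetime(2024, 6, 2, 22, 14), 40),
    acct("storage", "jdoe", datetime(2024, 5, 31, 17, 10), datetime(2024, 5, 30, 8, 0), 0),
    acct("chat", "jdoe", datetime(2024, 5, 31, 17, 1), None, 0, deleted=True),
    acct("crm", "asmith", datetime(2024, 3, 1), datetime(2024, 6, 3, 8, 30), 75),
]

def offboarding_gaps(leavers, accounts):
    """Map (service, user) -> outstanding steps for accounts of former employees."""
    report = {}
    for a in accounts:
        left = leavers.get(a["user"])
        if left is None or a["deleted"]:
            continue  # current employee, or account already removed
        gaps = []
        if a["pw_changed"] < left:
            gaps.append("change_password")  # old password still works
        if a["last_login"] and a["last_login"] > left:
            gaps.append("review_login_after_departure")  # pull the audit report
        # Data is moved to another user before the account is deleted.
        gaps.append("migrate_data" if a["owned_items"] > 0 else "delete_account")
        report[(a["service"], a["user"])] = gaps
    return report

if __name__ == "__main__":
    for key, gaps in offboarding_gaps(LEAVERS, ACCOUNTS).items():
        print(key, gaps)
```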
Set Up Secure Cloud Processes that Keep Your Company Protected
Copperband Technologies can help your Middle Tennessee or Southern Kentucky business handle employee offboarding securely to ensure you’re not leaving any of your assets vulnerable. Contact us today to schedule a consultation! Call 931.263.8000 or contact us.