Protect Your Data When An Employee Takes A Hike
In a perfect world, we hire the most amazing person for every job and no one ever leaves or needs to be let go. Too bad this isn’t that world and disgruntled ex-employees can be a real threat to today’s businesses. Usually Human Resources handles the majority of follow-up either after an employee quits or is fired, but really, a second group should be directly involved in order to protect your data.
Your IT department or third-party IT management company should be directly involved as soon as possible when an employee leaves. In fact, alerting them beforehand is your safest bet but, if that’s not possible, make sure to alert them immediately afterward. In order to make sure that ex-employee isn’t a babbling brook of confidential information, your IT department will follow a certain set of steps to make sure his or her access to company data is swiftly cut off.
First, your IT team will revoke access to all computer and network data. This needs to be done across all devices such as laptop, desktop, phone and tablet. Changing the user’s password is the quickest way to eliminate data loss. After enough time has passed to adequately ensure no data is lost, disable the user’s account.
“At the very least, changing passwords allows you to quickly bar their access while maintaining files and/or emails for future use,” said Chris Roberts, Network Administrator at The Miller Group. “But what you really want to do is disable his or her account for maximum safety.”
Second, every company needs to have data redundancy and retention policies that address the backup, restoration and preservation of corporate data in general. It is especially important to enact these policies when someone high-level or under a cloud of suspicion departs. Documenting how these policies were implemented can also be valuable in any legal battles that may ensue.
Last, your IT team will regularly audit your domain and Active Directory to eliminate unnecessary accounts and ensure no back-door, unauthorized users can be found. “The specifics vary, but the main idea is that user access is looked at regularly in order to prevent a problem and need to do damage control afterward. We have a number of reports we can run to ensure your active user list is up-to-date. ” said Roberts.
In all likelihood, an ex-employee with bad intentions can wreak havoc despite your best efforts for prevention. However, it’s your IT company’s job to minimize the damage by locking all possible doors. If you’re a Miller Group client, make sure to let us know as soon as possible when a user needs to be locked out. Doing so may save your data and company a lot of trouble.
If you have questions or would like a review of your user information contact us at 314-822-8090 or email@example.com