Digital footprints are all over today’s modern workplace. Employees begin making these pretty much the moment they’re hired. They get a company email address and app logins. They may even update their LinkedIn page to show that they’re working for your company.

When an employee leaves, a necessary process of “decoupling” them from the company’s technology assets occurs. This “digital offboarding” is vital to cybersecurity.

A former employee maliciously emailing all your customers from their work email would likely be disastrous. Sensitive files left on a former staffer’s computer could leak months after they’ve left too.

20% of surveyed businesses have experienced a data breach connected to a former employee.

Digital offboarding entails revoking privileges to company data, and much more. This is a critical process to go through for each former staff member to reduce the risk to your business.

Below, we’ve provided a handy checklist to help you cover all your bases.

Your Digital Offboarding Checklist

Knowledge Transfer

When a person leaves an organisation, vast corporate knowledge can leave with them. The digital offboarding process can help capture this knowledge so it’s retained and remains useful to your business.

This could be something as simple as what social media app someone used for company posts. Or it may be productivity leveraging, such as the most efficient way to enter sales data into your CRM.

Make sure to do a knowledge download during the exit interview. Better yet, have all staff regularly document procedures and workflows over time. This helps retain the knowledge if the employee is no longer around to perform those tasks.

Address Social Media Connections to the Company

Is the former employee’s personal Facebook user account an admin for your company’s Facebook page? Do they post on your corporate LinkedIn page?

Revoking access to these pages for former employees as soon as possible will reduce the risk of harmful or malicious posts.

Identify All Apps & Logins the Person Has Been Using for Work

Your HR or IT people will have a list of all apps and website logins that an employee has been provided. But don’t assume this is the case. Employees often use unauthorised cloud apps to do their work. This is usually done without malicious intent. Employees simply don’t realise the security consequences, which is why BIZC IT stress the importance of cybersecurity awareness training for all staff.

Make sure you know of any apps that the employee may have used for business activities. Either change the login account name and/or password if you plan to continue using them, or close these accounts altogether after exporting any data that should be retained.

Change Email Password

Changing the employee’s email password should be one of the first things you do. This keeps a former employee from getting company information. It also keeps them from sending email as a representative of the company.

Accounts are typically not closed immediately because emails need to be saved for future use. But you should change the password to make sure the employee no longer has email access.

Change Employee Passwords for Cloud Business Apps

People often access business apps and data on their personal devices. So, just because they can’t access their work computer any longer, doesn’t mean they can’t still access that business app or data.

Changing the passwords locks them out no matter what device they are using. This process can be simplified with a single sign-on solution such as Okta.

Recover Any Company Devices

Employees working from home are often issued equipment to use. Make sure to recover any company-owned devices from the employee’s home.

You should do this as soon as possible to avoid loss of the equipment. Once people no longer work for a company, they may sell, give away, or simply trash devices.

Recover Data on Employee Personal Devices

Many companies use a bring your own device (BYOD) policy. It saves money but can make offboarding more difficult.

It’s important to capture all company data on those devices. Even if you use cloud storage such as Microsoft OneDrive, your staff can bypass cloud storage and save data directly to their device. For this reason it’s important to backup data on staff devices even if you use cloud storage.

Transfer Data Ownership & Close Employee Accounts

Don’t keep old employee cloud accounts open indefinitely. Not only are they costing you money in subscription fees, but unused accounts are an open invitation to a hacker. Transfer data out of the account then close it. With no monitoring of the account, breaches can happen. A criminal could gain access and steal valuable company data for months unnoticed.

Revoke Access by Employee’s Devices to Your Apps and Network

Using an endpoint device management system such as Microsoft’s Endpoint Manager, you can easily revoke device access. Remove the former employee’s device from any approved device list in your system.

Change Any Building Digital Passcodes

Don’t forget about physical access to your building. If you have any digital gate or door passcodes, be sure to change these so the person can no longer gain access.

Need Help Reducing Offboarding Security Risk?

When you proactively address digital offboarding, the process is easier and less risky. Contact BIZC IT today for a chat about enhancing your business’ cybersecurity.



Article used with permission from The Technology Press.