How to Protect Company Data When an Employee Leaves
Ensure that your company data is protected whether your employees leave voluntarily or involuntarily.
Cybersecurity health is significantly affected by malicious insider threats. These include former employees who take classified or sensitive information with them when they leave.
Whether it is a voluntary or involuntary termination, ensure you have recovered all company data and that former employees cannot access your network using their credentials. It is crucial to include security checkpoints as part of your offboarding process.
According to the Proofpoint Cost of Insider Report1, The average global cost of insider threats rose by 31% in two years to $11.45 million, and the frequency of these incidents increased by 47% in the same period.
Staff work habits that could jeopardize your data security:
- Employees storing their files in the cloud that they control, rather than your IT department.
- Employees sharing company information with outside parties.
- Employees who fail to return company assets when they resign or are terminated.
- Data and files of your users are not managed by your IT department.
- Allowing staff to use their own device to access the company network.
Many employees leave the company and take different types of data with them. Customers’ financial information, marketing plans, leads, and other important information belonging to the company could be included.
Here are some of the few warning signs you need to look for:
- Data typically stored in the network will be uploaded to the cloud or backed up on personal USB drives and other storage devices.
- A sudden increase of emails.
- Messages sent and received by your employee to an uncertain vendor or companies you don’t do business with.
- Accessing your company database outside of normal business hours.
- Before leaving the company, employees have their devices cleared of files.
Here are some steps you can take to protect your company data when your employees leave:
- A comprehensive offboarding process that includes reviewing non-disclosure agreements and notifying the IT department of termination is imperative
- Allow employees access only to the information they need to do their job.
- Give your IT personnel the authority to oversee and track all employee files. It is important that all documents are stored in a secure repository under the control of your IT department.
- Immediately after an employee leaves, you should eliminate their account credentials from the network.
- Make sure ALL company assets are returned.
- Stale user accounts should be deleted at once. Identify inactive accounts and delete them immediately.
- Consider hiring a managed service provider or hiring an IT department that is highly efficient.
For more information on how you can protect your organization from insider threats feel free to Contact Us.