G2 ranks Uniqkey among 2023’s Top 50 Best Security Products. Read More 

How to keep company data safe when an employee leaves

Most companies don't have a formal process for safely offboarding former employees, leaving them open to data leaks by malicious actors. Here's how to prevent terminated employees from putting your company's security at risk by accessing private company data after the end of their employment.

An employee resigning (or being terminated) is never an easy situation. Both managers and employees are affected by the situation, which can complicate the entire ordeal. An in certain cases a termination needs to be handled with speed to avoid other situations from escalating.

On top of the emotionally-straining aspect of a termination or resignation, also comes an aftermath of administrative “cleaning work”. Usually involving passwords, access rights and other things that need to be gathered or retracted from the employee.

More passwords. Less overview.

As our lives become more and more digital, the number of passwords and logins we have to keep track of grows by the week. As a company and IT professional, it can be difficult to maintain a reasonable overview of which digital services a given employee have accessed throughout their workday.

It’s often the case that employees and departments use a long list of different cloud services and programs to get their work done in the most efficient way possible. Services that (in some way or another) impacts the day-to-day operations of a department or even the company at whole, and so potentially contain sensitive data.

The wide-spread use of cloud services, work systems and passwords also increases the risk of previous employees still having access to important systems after the end of their employement. This security hole could have fatal consequences for a company, in the case that previous employees have bad intentions and decides to take advantage of their access rights. Such an incident could have a direct impact on the daily operations of a company, its client portfolio and even its financials.

Cut cyber risk with better access management

“Being able to manage your employees passwords in a systematic way is incredibly valuable when employees suddenly get sick or lose their devices."

The goal of better access management, access control and passwords is not just to defuse external threats. It turns out that a lot of data breaches are actually caused by poor password-security or the result of previous employees still having access to the company’s systems or data. An increased focus on access control does not only provide company’s better protection against bad external actors, but also internal ones. As an added bonus, better access control and management also offers company’s a better repertoire to handle the cyber risks accompanying the rise of digitalization and a solution to minimize cases of unnecessary employee access.

For many companies, access management have essentially been based on mutual trust, which in so far as its respected, works well enough. Though, when this trust is broken, the consequences can be catastrophic. Because of this, the use of systems to assist admins in managing and controlling access rights and employee logins the organization, is one of the most effective ways to minimize the risk of data breaches, poor password-security and malicious behavior.

8 ways to gain better access control and improve employee password hygiene

  • Implement a password manager in your company to manage all passwords and logins connected to your organization.
  • Centralize the administration of passwords and employee logins with the use of an Identity and Access Management solution.
  • Only give employees access to passwords they need to get their work done.
  • Ensure all employees follow password strength best practices(long, unique and complex). We suggest using a password generator for this.
  • Rid former employees of priviliged access rights as soon as their employment ends.
  • Change passwords accessed by former employees.
  • Delete former employees work accounts as soon as you've secured their data.
  • Keep an eye out for suspicious activity or logins in your systems and audit logs.

Most of the things above can be automated by a password and identity manager to increase overall security and reduce the workload of admins. You also reduce a great deal of risk by ensuring you have a process for safely offboarding employees – you don’t want to be caught off guard and suddenly realize that a long list of previous employees still have access to your systems months or years after the end of their employment.  Being able to manage your employees passwords in a systematic way is also incredibly valuable when employees suddenly get sick or lose their devices.

Suggested articles

User Features

Admin Features

Use Cases

  • Increase Access Security
  • Automate 2FA Use
  • Manage Shadow IT
  • Increase Team Productivity
  • Securely Offboard Ex-employees
  • Streamline Access Management
  • Simplify Compliance

Resources

Whitepaper

Company

Comparison

Uniqkey A/S © All rights reserved.

CVR: 39004127