Executives are well-versed in the threat of hackers, but the bigger danger lies in legitimate login misuse. What might not be as apparent is the more significant risk posed by individuals wielding legitimate login credentials to access sensitive data improperly. The avenues for this threat are diverse, from employees unknowingly divulging passwords in phishing scams to casually sharing them with colleagues.
As alarming as this is for current employees, the potential dangers magnify when ex-employees retain functional passwords long after leaving. Shockingly, statistics from Intermedia reveal that 89% of former employees maintain access to at least one application post-departure. This underscores the urgency of implementing a thorough checklist for employee separations, be it voluntary or involuntary.
The following items should be collected on or before the employee’s termination date:
- Laptops
- Company-owned storage devices, such as external hard drives or flash drives
- Company-owned phones
- Company-owned credit cards
- Access cards (such as those used to open building doors)
Login credentials to the following technology should be suspended on or before the employee’s termination date:
- Company email and calendar applications
- Telephone voicemail access
- PIN-based alarm or door systems
- Network or file access at all company locations
- Online credit card account logins
- Cloud-based software used by the company, such as Salesforce
- Marketing accounts, such as social media or website logins
- Company files (if any of these are on non-company owned devices, ensure they’ve been deleted)
If you’d like help from a Managed Services Provider in building and enforcing an IT checklist for exiting employees, call us at 919.779.0954 or contact us online.