I read a sentencing brief recently that included a laundry list of fraudulent actions an employee engaged in that eventually led to their termination and criminal prosecution. While the employee’s actions were astounding, the level of access they still had in the organization following their termination was even more astounding. After they were terminated, they were still able to remotely access sensitive corporate resources and used that access to delete files to try and cover their tracks. 

How could this have been prevented? In the same way that a company would have plans to onboard a new employee, they should also have detailed plans to offboard an employee. This results in a consistent process that ensures an employee’s network access is removed at the time of their departure. 

Each organization will have a different set of offboarding steps required, but the basics would be the same throughout. Has physical and remote access been disabled? Has company data been removed from personal devices? Is there data and emails that need to be retained or reviewed? Who should be notified of the termination? 

Having these detailed steps in place, and following them on a consistent basis, ensures that the organization is diligent in protecting against rogue actions by former employees. 

Aaron is a Senior Network Engineer at Symplexity. He achieved his CCIE Collaboration in 2014 and has more than 15 years of experience working in the IT sector. Aaron provides penetration testing(red team) services for our Symplexity Secure clients to help them validate existing security controls and simulate real world attacks on their networks. When not at work, he enjoys biking on Fort Wayne’s wonderful network of trails, smoking meat, and building Legos.

Ready to take your technology to the next level?

Contact Us Now