The Cybersecurity Risks of Poor Employee Offboarding
- Offboarding is a ‘dirty job,’ but someone has to do it — and do it the right way.
- You may expose your organization to significant security risks if you offboard an employee improperly.
- When employees walk away from their jobs, they are not only taking their last paycheck with them — some may take home sensitive company data.
- Whether a long-term employee suddenly quits on bad terms, goes on leave, or you no longer utilize a contractor, improper offboarding or suspension of users’ permission and access poses a huge risk for organizations.
- While not every employee gives notice before leaving, your offboarding process should be handled in a delicate way to prevent disruption and mitigate potential risks.
As companies lay off thousands of people, they risk losing crucial data as former employees can walk out of the door with private records and sensitive customer information.
Yet, many businesses increase the risks by handling layoffs poorly. During the exit, you should remove every former employee’s corporate application accounts and revoke their access to business devices and networks. Failure to do so may expose your business to unnecessary security risks from a disgruntled employee. Other consequences your business may face due to poor employee offboarding include the following:
1. The Risk of Data Loss
When you lay off an employee or they quit on the wrong terms, the relationship between your organization and the employee can get sour. A former employee with access to your business data can intentionally or unintentionally damage, delete, or corrupt files that might be critical to the business.
If you have not revoked access to organizational data, data breach events are a real possibility, and they can be catastrophic to your business.
Take a real-life example of a former IT admin of Lucchese — a boot manufacturing organization. The company fired the IT administrator, who took his frustration out on the business system. He deleted important business files, shut down servers, and damaged the company network.
He created a back door, posed as an office printer, and wreaked havoc on his former employer.
2. The Danger of Compliance Violation
Regulatory compliance frameworks are a critical part of the overall security framework of an organization. Someone who leaves a job on bad terms and still has access to sensitive data can destroy or leak it, leading to serious compliance violations.
Violating compliance regulations can cost your business substantially in fines and legal fees. For instance, fines under GDPR can reach up to $20 million or up to 4% of your global turnover.
3. The Threat of Data Breaches
Another risk that comes with improper offboarding is the theft of data. A recent survey shows that over half of employees admit to taking information from a former employer, with 40% admitting to intending to use it in new jobs.
Data stolen from your company is a real security breach, and you must address it through proper offboarding steps and procedures that prevent data exfiltration. Amid high turnover, workers are stealing source code from their companies, presenting a threat of data breach.
4. Breach of Confidentiality
The business world is highly competitive, and companies can poach employees from competitors to access confidential contracts, proprietary knowledge, and business agreements. Failing to revoke a former employee’s access to the company’s confidential information can allow them to take any confidential materials to their new employer.
The consequences of a confidentiality breach can be devastating. A real-life example occurred during a job change: an engineer quit his position with a U.S. clean-energy company to work with a wind-turbine organization in China. The engineer took intellectual property (automation codes) to the competing company and almost ruined his former employer.
To protect your business confidentiality, have a clear obligation in the employment contract regarding how workers should treat confidential information during and after employment.
5. Reputational Damage
A good reputation is central to the success of any business, regardless of industry. It fosters good relationships with stakeholders, customers, suppliers and other industry players. Reputational damage due to a data breach or data loss stemming from a former employee can be detrimental to a business. Customers can quickly change to competitors for the same goods or services if they lose their confidence in your business.
The seemingly insignificant action of improper offboarding of an employee can cause irreparable reputation damage to your organization.
How to Mitigate Cybersecurity Risks Associated with Employee Offboarding
You should give offboarding the same time and attention you give onboarding, because there are some obvious risks associated with employees who:
- Quit unexpectedly
- Are terminated (wrongfully or otherwise)
- Are asked to leave their roles within a company
Having an offboarding checklist can spare your business the vulnerabilities associated with employee offboarding. Some critical steps you can take during offboarding include:
Step 1: Create a Well-Structured Exit Interview
Exit interviews are essential assets to help your business part ways with the employee on a good note. You can use the interview to run key security processes, such as:
- Discussing the company devices the employee has in possession
- Reviewing the organization’s account access that the employee has
- Revoking business credit card access
- Getting the employee’s contact information so that you can reach them when needed after their last day
- Retrieving business assets you provided the employee with during the hiring phase, such as access cards, keys, passwords, or cell phones
Step 2: Disable Methods of Data Exfiltration
Next, you should prevent data leakage or access after the employee exits. Your organizational data could easily leak if a former employee can access, forward, and share emails and files. To prevent data exfiltration, you should:
- Disable email forwarding and file sharing for the ex-worker
- Reset passwords that grant access to your network
- Revoke access to all applications as soon as an employee exits
- Collect or delete company data from the employee’s mobile device or any other personal devices
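One way to verify that the Step 2 actions were actually carried out is to reconcile the HR roster against account exports from each application. The script below is an added example, not part of the original article; the CSV column names, application names, and sample rows are constructed assumptions.

```python
import csv
import io
from datetime import date

# Constructed sample exports (not from the article); column names are assumptions.
HR_ROSTER = """email,status,last_day
alice@example.com,active,
bob@example.com,terminated,2022-11-15
carol@example.com,terminated,2022-11-30
dave@example.com,terminated,2022-12-31
"""

ACCOUNTS = """app,email,enabled,forwarding_to
mail,Bob@Example.com,false,bob.personal@mailhost.test
vpn,bob@example.com,true,
mail,carol@example.com,false,
crm,carol@example.com,true,
mail,dave@example.com,true,
mail,alice@example.com,true,alice@example.com
"""


def departed_users(roster_csv, today):
    """Return lower-cased emails whose last day is on or before `today`."""
    gone = set()
    for row in csv.DictReader(io.StringIO(roster_csv)):
        if row["status"] == "terminated" and row["last_day"]:
            if date.fromisoformat(row["last_day"]) <= today:
                gone.add(row["email"].strip().lower())
    return gone


def audit_offboarding(roster_csv, accounts_csv, today):
    """List (email, app, issue) for access that outlived the employee's exit."""
    gone = departed_users(roster_csv, today)
    findings = []
    for row in csv.DictReader(io.StringIO(accounts_csv)):
        email = row["email"].strip().lower()  # exports differ in letter case
        if email in gone:
            if row["enabled"].strip().lower() == "true":
                findings.append((email, row["app"], "account still enabled"))
            # Forwarding is checked separately from the enabled flag.
            if row["forwarding_to"].strip():
                findings.append((email, row["app"], "mail forwarding still set"))
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit_offboarding(HR_ROSTER, ACCOUNTS, date(2022, 12, 1)):
        print(*finding, sep=" | ")
```

Run on a schedule, an empty result means every departed user's accounts are disabled and no forwarding rules remain; any row returned is an offboarding step that was missed.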
Step 3: Reassign Suspended License to Another Employee
Odds are, you are paying for the licenses and applications the former worker was using. To avoid wasting resources, reassign the suspended license to the employee assuming the former worker’s role.
Offboarding Begins Long Before A Worker’s Last Day
Offboarding should begin before the employee’s last day. However, many organizations think about offboarding when a problem surfaces, not before. If neglect becomes the only strategy, the results can be devastating. A simple offboarding mistake can cost your company a lot, but knowing the risks and taking proactive and preventive action to protect your business will save you from the dire consequences.
Mike Bowe | Published on December 01, 2022