The reason I’m bringing this to your attention is that there’s a whole bunch of documented cases that we’ve seen of disgruntled employees who still have had access to systems, buildings and networks long after they leave. And disgruntled or not, realistically no ex-employee should have this kind of access.
What does this mean for your business?
It means that your data isn’t secure – in fact, worse case scenario, your ex-employee who has network access may be snooping on you and downloading sensitive info, viewing the company finances or in fact using company credit cards.
They may even be supplying the sensitive info to your competitors.
It could mean that ex-employees are stealing from you – what if they still have building access codes and know the staff routine? They may be paying your office a visit on the weekends and pocketing some goodies for themselves.
If your ex staff members have bought their own devices to work (BYOD), they may have VPN’s still installed, allowing access to your systems or they may even have proprietary office software on their devices, that should have been removed when they left.
What should you do?
Get an employee exit checklist together that’s applicable for your business.
Include items such as: staff logins, emails, phone systems, mobile devices, building entries, software logins, etc etc. Take the time to think about what systems your exiting staff have used and then go through each of these items and tick them off as you disable/change passwords. If you use password manager software for your teams, you may be able to just strike off the password entry for that particular person.
If you don’t feel comfortable with the technical side, then seek the help from an experienced IT specialist who can manage this for you, while you get on with the running of your business.
Has your business been compromised in any way by ex-employees? Share your thoughts with us below