Three years after I left my former job, I got an official letter telling me the organization suffered a data breach. My personal information was at risk of identity theft. I shouldn’t have been surprised. That job’s offboarding process hadn’t been the best. For years after leaving, I had access to my email and to databases filled with sensitive data. While the cause of this data breach was never revealed, it could have very well been a former employee with a grudge, someone who had the same easy access I did.
The employee offboarding policy and process is usually handled by human resources and the employee’s bosses. Maybe legal gets involved if there is something nefarious happening. IT and cybersecurity are an afterthought, if decision-makers even consider them at all. Even if you take away the former employee’s physical access — the keys, the badge — they may still be able to log in to the network, putting the company at risk of data breaches and putting them in violation of privacy compliance.
Before an employee goes through the final offboarding process with HR, IT and security teams should begin the process of deleting the out-going employee from network access.
Why Deleting a Former Employee’s Digital Profile Matters
The vast majority of people are good. When they leave a company — or move from one department to another — they have little interest in looking back at the offboarding process. They may not even notice they might still have access. Maybe they’ll look to see if they still have email access, but only to see if there is something important they may have missed.
But, not everyone is a good person. People w ..
Support the originator by clicking the read the rest link below.
