4 Steps to Securing Your Data When an Employee Leaves

After an employee leaves, you may cut off access to their email, but that alone doesn’t mean they’re not snooping on—or outright stealing—your data. In fact, one survey of 2,000 workers found that 36% discovered they still were able to access their former employers’ systems … and 9% actually did.

The danger isn’t merely theoretical. In 2018, a major U.S. bank disclosed that a disgruntled former employee had stolen the personal information of up to 1.5 million customers.

Vengeful ex-workers aren’t the only reason to protect data from former staffers, says Timur Kovalev, chief technology officer at Untangle, a San Jose, California, cybersecurity solutions provider to small and medium-size businesses. “Even when someone leaves on good terms, if they’re going to the competition, you as an organization should be concerned about data,” he says.

Former employees may hang onto login credentials for wireless networks, databases of company and customer information, customer relationship management (CRM) applications, social networks and more. They may have copied sensitive information onto personal devices or personal cloud storage accounts.

And while it’s obviously potentially harmful for an ex-staffer to take, say, new product plans to a competitor, it can be equally or more damaging if customer data is publicly revealed. Personal data protection laws put steep penalties on companies for failing to safeguard customer privacy, Kovalev says. “And the liability for protecting personal information is on the company,” he adds.

So, how do you keep data safe?

To prevent former workers from tapping into company data and networks, it’s important to start early. Here are four key steps:

1. Give employees access only to the data and accounts they need to do their job, and create data privacy and access policies that enforce data security. All new hires should be briefed on the rules, including the importance of keeping passwords private. They should be informed that if they leave, they will have to relinquish all company-issued devices, login credentials and data. Having employees sign a non-disclosure agreement that bars them from accessing or sharing company data after they leave their job adds another layer of protection. 

2. Set up a system to record every employee’s ability to access any company data from the first day to the last. “You have to make sure you track user access to various data to make sure you can systematically disable it when you need to,” Kovalev says. He says the same types of systems used to track physical assets, such as laptops, can also be used to record when employees get access to data and networks.

3. When an employee leaves, disable all access as soon as possible. If an employee is leaving involuntarily due to termination or layoff, cut off access before telling the employee of the separation.

4. Conduct exit interviews with each departing worker, stressing the importance of continuing to respect company data and network access. Collect all company-issued devices and instruct them to delete any company data from personal devices or cloud storage accounts.

The limits of data security

It’s impossible to perfectly secure all data from every departing employee. A worker can make multiple backups of a company-issued laptop, for instance. Even if he or she relinquishes one set of backups, another may remain without anyone knowing it, Kovalev says.

However, certain technologies may help companies better manage and control access to their network and online accounts. Single sign-on (SSO) platforms from companies such as OneLogin, Okta and JumpCloud, for example, let users enter one set of credentials to get access to cloud-based apps and data protected by firewalls. Monthly subscription prices for single sign-on solutions range from $1 to $10 per user. By simply removing a former employee’s access to the SSO, it can then cut off access to multiple apps at once.

Even so, it’s best to try and bring on only trustworthy people who’ll respect company data after they leave, Kovalev says. “A huge component is communicating with employees about the importance of this,” he says. “And hopefully not hiring people who are in the business of stealing your data.”

To learn more about how Spectrum Business Internet services and features can help improve your company’s data security, call us at 855-299-9353.