When an employee leaves an organization, whether he/she quit, was fired or laid off, that employee’s access to online company data should be immediately terminated or limited. Ensuring that former employees cannot continue to access your network(s) after their departure is critical for security. How can you, as a business owner or supervisor, safeguard your network from the threat of an ex-employee “sabotage”?
Acceptable Use Policies
An Acceptable Use Policy (AUP) is a document that summarizes a set of regulations to be followed by users / employees on your company network. Although the information contained in these policies may be extensive, they need to be written clearly. They should be reasonable enough for all of your employees to understand and follow. They must protect you and your business from employee misconduct.
Your policy should cover a number of issues, including:
Company resources. Employees should be aware that they may not have personal privacy when using company resources.
Confidentiality. The policy put in place should protect the business and provide a plan to remedy a the situation in the event that a former employee shares information that could negatively impact the company.
Non-business applications. It is advisable that you do not allow employees to download games and other applications on your network.
Company cell phones. Your policy should outline whether or not an employee can make personal calls on company cell phones or shop online with a company computer.
Company network. Detail whether or not your employees are allowed to access your network on their personal devices. Describe what happens to this data once they leave the company.
Web access. Discuss all online employee restrictions.
Passwords and Services
Certain network tasks must be addressed when an employee leaves. These tasks include:
Disabling the employee’s account on the network and changing all passwords.
Disconnect the employee’s personal smart phone from the company email account.
Disabling third party application accounts and changing the passwords.
Removing VPN access from the user to disable remote access.
Rebooting their desktop and log them out of the system.
Changing the Wi-Fi password if the employee has access to it.
Following the methods above will ensure that your past employees will not have continued access to your network. This way, you can help safeguard the privacy of your organization.