The employee offboarding process presents significant data security risks. The Osterman Research study Do Ex-Employees Still Have Access to Your Corporate Data? found that 89% of employees were able to access sensitive corporate applications well after their departure.
Are you concerned about the damage a terminated employee could cause with access to sensitive corporate information, account passwords, and other proprietary data?
Consider this:
These vulnerabilities need to be addressed as a part of your employee offboarding process. Keep reading for an overview of the cybersecurity risks of improper employee offboarding and to gain access to a white paper with valuable information for keeping data safe from insider threats following a termination.
Concerned about the damage a soon-to-be-ex-employee could cause with access to IP, passwords, and other sensitive data?
Follow this employee offboarding checklist to protect your organization against insider data theft.
Employees are in the optimal position to steal and vandalize sensitive corporate data. They have intimate access to it, insider knowledge of the organization’s systems, and a level of trust that could allow them to steal data undetected.
Insider data theft doesn’t exclude management, either; C-Suite employees are just as dangerous. In fact, 72% of CEOs surveyed by Code42 have stated that they’ve taken valuable intellectual property from their former employers.
Without critical security controls in place a disgruntled employee can wreak havoc on corporate data infrastructure. Upon hearing that they were about to be terminated, a network engineer at EnerVest reset the company’s servers to factory default settings and disconnected all of their remote backups. This incident cost the company 30 days in lost productivity, with related costs exceeding $1 million.
63% of employees in a Code42 report have indicated that they brought data from their previous employer to their current employer. Employees that are seeking to transition to a new role may be motivated to use their current employer’s trade secrets to gain an advantage over other applicants.
Departing employees can use stolen intellectual property to gain a competitive advantage over their former employer, such as the two former General Electric employees that stole data on advanced computer models for calibrating turbines alongside related marketing and pricing information. The ex-employees used their former employer’s trade secrets to create a competing company.
Protected classes of data such as regulated data (HIPAA, GDPR, etc) and Personally Identifiable Information (PII) could be breached by an ex-employee. Data security compliance frameworks require robust security controls for ensuring the confidentiality, integrity, and availability of data.
If a disgruntled ex-employee manages to steal this sensitive information their former employer is highly likely to be held accountable for their lack of data security measures.
The 2020 Verizon Data Breach Investigations Report found that 86% of data breaches are motivated by money. Confidential data can be a significant windfall for departing employees thanks to its inherent value for competitors and identity thieves. This data can include payment information, personally identifiable information (PII), and trade secrets.
72% of business decision-makers in the Code42 report believe they are entitled to corporate data that they contributed to. This data includes IP such as source code for developers, renders of creative projects for designers, and contact information of clients for salespeople.
Employees that are being involuntarily terminated from their roles, passed over for a promotion, or denied a desired raise are more likely to steal or sabotage corporate data and related systems as a way of “getting back” at the company.
This isn’t exclusive to involuntary terminations either. Motives for revenge can still be present when an employee voluntarily chooses to resign. Measures for preventing employee data theft incidents must be ongoing and proactive to effectively protect data against insider threats.
Organizations without critical security controls for managing the flow of data risk having sensitive information retained on employee-managed resources such as cloud storage accounts, personal devices, and email accounts.
This retention is not necessarily malicious in nature; departing employees may simply be unaware that the data is even there, or they may be unaware of the risks associated with having that data in their possession.
The possibility of accidental retention further emphasizes the need for an IT employee offboarding process that truly revokes an ex-employee’s access to corporate systems.
Is your employee offboarding process prepared to address the data security risks of a disgruntled ex-employee?
Learn how to keep sensitive corporate data safe during employee offboarding in CurrentWare’s new white paper “How to Keep Data Safe When Offboarding Employees: Insider Threat Management Strategies For IT & HR Professionals”
This white paper contains critical information that IT professionals need to know when deprovisioning a terminated employee.
The employee offboarding process presents significant data security risks. Employees have intimate access to corporate data, insider knowledge of the organization’s systems, and a level of trust that can allow them to steal data undetected. Click here to learn the best practices for protecting sensitive data during a termination.
Concerned about the damage a soon-to-be-ex-employee could cause with access to IP, passwords, and other sensitive data?
Follow this employee offboarding checklist to protect your organization against insider data theft.
Included Topics:
This free employee offboarding checklist template for IT admins is an interactive PDF complete with digital signature fields, checkboxes, and text boxes for each offboarding item. It includes pre-filled sections with key deprovisioning items as well as ample blank pages that can be customized to fit the unique needs of your organization.
This template can be printed as a standard document or used digitally as an interactive form. For the best experience you should use the free Adobe Acrobat Reader or the latest version of Microsoft Edge as your PDF viewer.
Insider data theft is a pervasive issue that threatens an organization’s reputation, business continuity, and competitive edge. The employee offboarding process presents one of the greatest opportunities for insider threats to steal sensitive information, intellectual property, and other crucial data.
By combining a thoroughly planned offboarding process with advanced monitoring and control over data egress points an organization can protect their sensitive data against insider threats.
Ready to protect your data against insider threats? Gain access to CurrentWare’s FREE white paper “How to Keep Data Safe When Offboarding Employees: Insider Threat Management Strategies For IT & HR Professionals” by clicking the button down below.
Cookie | Duration | Description |
---|---|---|
__cfruid | session | Cloudflare sets this cookie to identify trusted web traffic. |
cookielawinfo-checkbox-advertisement | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category . |
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
JSESSIONID | session | The JSESSIONID cookie is used by New Relic to store a session identifier so that New Relic can monitor session counts for an application. |
LS_CSRF_TOKEN | session | Cloudflare sets this cookie to track users’ activities across multiple websites. It expires once the browser is closed. |
OptanonConsent | 1 year | OneTrust sets this cookie to store details about the site's cookie category and check whether visitors have given or withdrawn consent from the use of each category. |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
Cookie | Duration | Description |
---|---|---|
__cf_bm | 30 minutes | This cookie, set by Cloudflare, is used to support Cloudflare Bot Management. |
_zcsr_tmp | session | Zoho sets this cookie for the login function on the website. |
Cookie | Duration | Description |
---|---|---|
_calendly_session | 21 days | Calendly, a Meeting Schedulers, sets this cookie to allow the meeting scheduler to function within the website and to add events into the visitor’s calendar. |
_gaexp | 2 months 11 days 7 hours 3 minutes | Google Analytics installs this cookie to determine a user's inclusion in an experiment and the expiry of experiments a user has been included in. |
Cookie | Duration | Description |
---|---|---|
_ga | 2 years | The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors. |
_ga_GY6RPLBZG0 | 2 years | This cookie is installed by Google Analytics. |
_gcl_au | 3 months | Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services. |
_gid | 1 day | Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously. |
CONSENT | 2 years | YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data. |
Cookie | Duration | Description |
---|---|---|
_opt_expid | past | Set by Google Analytics, this cookie is created when running a redirect experiment. It stores the experiment ID, the variant ID and the referrer to the page that is being redirected. |
IDE | 1 year 24 days | Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile. |
NID | 6 months | NID cookie, set by Google, is used for advertising purposes; to limit the number of times the user sees an ad, to mute unwanted ads, and to measure the effectiveness of ads. |
test_cookie | 15 minutes | The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies. |
VISITOR_INFO1_LIVE | 5 months 27 days | A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface. |
YSC | session | YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages. |
yt-remote-connected-devices | never | YouTube sets this cookie to store the video preferences of the user using embedded YouTube video. |
yt-remote-device-id | never | YouTube sets this cookie to store the video preferences of the user using embedded YouTube video. |
yt.innertube::nextId | never | This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen. |
yt.innertube::requests | never | This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen. |
Cookie | Duration | Description |
---|---|---|
_dc_gtm_UA-6494714-6 | 1 minute | No description |
_gaexp_rc | past | No description available. |
34f6831605 | session | No description |
383aeadb58 | session | No description available. |
663a60c55d | session | No description available. |
6e4b8efee4 | session | No description available. |
c72887300d | session | No description available. |
cookielawinfo-checkbox-tracking | 1 year | No description |
crmcsr | session | No description available. |
currentware-_zldp | 2 years | No description |
currentware-_zldt | 1 day | No description |
et_pb_ab_view_page_26104 | session | No description |
gaclientid | 1 month | No description |
gclid | 1 month | No description |
handl_ip | 1 month | No description available. |
handl_landing_page | 1 month | No description available. |
handl_original_ref | 1 month | No description available. |
handl_ref | 1 month | No description available. |
handl_ref_domain | 1 month | No description |
handl_url | 1 month | No description available. |
handl_url_base | 1 month | No description |
handlID | 1 month | No description |
HandLtestDomainName | session | No description |
HandLtestDomainNameServer | 1 day | No description |
isiframeenabled | 1 day | No description available. |
m | 2 years | No description available. |
nitroCachedPage | session | No description |
organic_source | 1 month | No description |
organic_source_str | 1 month | No description |
traffic_source | 1 month | No description available. |
uesign | 1 month | No description |
user_agent | 1 month | No description available. |
ZCAMPAIGN_CSRF_TOKEN | session | No description available. |
zld685336000000002056state | 5 minutes | No description |