Employee Offboarding: How to Prevent Departing Employee Data Theft and Keep Information Safe During Termination

The employee offboarding process presents significant data security risks. The Osterman Research study Do Ex-Employees Still Have Access to Your Corporate Data? found that 89% of employees were able to access sensitive corporate applications well after their departure.

Are you concerned about the damage a terminated employee could cause with access to sensitive corporate information, account passwords, and other proprietary data?

Consider this:

• 70% of intellectual property theft occurs within the 90 days before an employee’s resignation announcement ^{(Richard Agnew}, ^{Infosecurity Magazine)}
• 88% of IT workers have stated that they would take sensitive data with them if they were fired ^{(CyberArk Trust, Security and Passwords Survey 2008)}
• 63% of employees have indicated that they brought data from their previous employer to their current employer ^{(Code42 2019 Global Data Exposure Report)}

These vulnerabilities need to be addressed as a part of your employee offboarding process. Keep reading for an overview of the cybersecurity risks of improper employee offboarding and to gain access to a white paper with valuable information for keeping data safe from insider threats following a termination.

FREE Employee Offboarding Checklist Template—Prevent Data Theft by Departing Employees

Concerned about the damage a soon-to-be-ex-employee could cause with access to IP, passwords, and other sensitive data? 

Follow this employee offboarding checklist to protect your organization against insider data theft.

Get the Checklist

What Are the Data Security Risks of Offboarding Employees?

Employees are in the optimal position to steal and vandalize sensitive corporate data. They have intimate access to it, insider knowledge of the organization’s systems, and a level of trust that could allow them to steal data undetected. 

Insider data theft doesn’t exclude management, either; C-Suite employees are just as dangerous. In fact, 72% of CEOs surveyed by Code42 have stated that they’ve taken valuable intellectual property from their former employers.

Data Loss Through Vandalism/Sabotage

Without critical security controls in place, a disgruntled employee can wreak havoc on corporate data infrastructure.

For example, upon hearing that they were about to be terminated, a network engineer at EnerVest reset the company’s servers to factory default settings and disconnected all of their remote backups, essentially eliminating access to all of the company’s data and applications for its eastern United States operations.

This incident cost the company 30 days in lost productivity, with related costs exceeding $1 million.

📑 Related Article
Crushing Corporate Espionage Cases—Are Your Trade Secrets Safe?

Lost Competitive Advantage

63% of employees in a Code42 report have indicated that they brought data from their previous employer to their current employer. Employees that are seeking to transition to a new role may be motivated to use their current employer’s trade secrets to gain an advantage over other applicants. 

Departing employees can use stolen intellectual property to gain a competitive advantage over their former employer, such as the two former General Electric employees that stole data on advanced computer models for calibrating turbines alongside related marketing and pricing information. The ex-employees used their former employer’s trade secrets to create a competing company. 

Data Security Compliance Violations

Protected classes of data such as regulated data (HIPAA, GDPR, etc) and Personally Identifiable Information (PII) could be breached by an ex-employee. Data security compliance frameworks require robust security controls for ensuring the confidentiality, integrity, and availability of data.

If a disgruntled ex-employee manages to steal this sensitive information their former employer is highly likely to be held accountable for their lack of data security measures.

Why Do Employees Steal Data?

Financial Gain

The 2020 Verizon Data Breach Investigations Report found that 86% of data breaches are motivated by money. Confidential data can be a significant windfall for departing employees thanks to its inherent value for competitors and identity thieves. This data can include payment information, personally identifiable information (PII), and trade secrets.

Feeling Entitled to Intellectual Property

72% of business decision-makers in the Code42 report believe they are entitled to corporate data that they contributed to. This data includes IP such as source code for developers, renders of creative projects for designers, and contact information of clients for salespeople.

Revenge

Employees that are being involuntarily terminated from their roles, passed over for a promotion, or denied a desired raise are more likely to steal or sabotage corporate data and related systems as a way of “getting back” at the company.

This isn’t exclusive to involuntary terminations either. Motives for revenge can still be present when an employee voluntarily chooses to resign. Measures for preventing employee data theft incidents must be ongoing and proactive to effectively protect data against insider threats.

Accidental Retention

Organizations without critical security controls for managing the flow of data risk having sensitive information retained on employee-managed resources such as cloud storage accounts, personal devices, and email accounts. 

This retention is not necessarily malicious in nature; departing employees may simply be unaware that the data is even there, or they may be unaware of the risks associated with having that data in their possession.

The possibility of accidental retention further emphasizes the need for an IT employee offboarding process that truly revokes an ex-employee’s access to corporate systems.

How to Protect Data During Employee Offboarding

Is your employee offboarding process prepared to address the data security risks of a disgruntled ex-employee?

Learn how to keep sensitive corporate data safe during employee offboarding in CurrentWare’s new white paper “How to Keep Data Safe When Offboarding Employees: Insider Threat Management Strategies For IT & HR Professionals”

This white paper contains critical information that IT professionals need to know when deprovisioning a terminated employee. 

• The Risks Associated With a Data Loss Event
• Causes and Motivations of Insider Data Theft
• Warning Signs of Insider Data Theft
• The Top 10 Best Practices for Mitigating Insider Data Theft
• Employee Offboarding Checklist for IT Admins
• Data Loss Prevention Solutions To Protect Data From Departing Employees

The employee offboarding process presents significant data security risks. Employees have intimate access to corporate data, insider knowledge of the organization’s systems, and a level of trust that can allow them to steal data undetected. Click here to learn the best practices for protecting sensitive data during a termination.

FREE Employee Offboarding Checklist Template—Prevent Data Theft by Departing Employees

Concerned about the damage a soon-to-be-ex-employee could cause with access to IP, passwords, and other sensitive data? 

Follow this employee offboarding checklist to protect your organization against insider data theft.

Get the Checklist

Included Topics:

• Human Resources & Administrative Controls
• Account and Access Deprovisioning
• IT Inventory Control
• Digital Forensics, Compliance, & Auditing

How to Use This Template

This free employee offboarding checklist template for IT admins is an interactive PDF complete with digital signature fields, checkboxes, and text boxes for each offboarding item. It includes pre-filled sections with key deprovisioning items as well as ample blank pages that can be customized to fit the unique needs of your organization.

This template can be printed as a standard document or used digitally as an interactive form. For the best experience you should use the free Adobe Acrobat Reader or the latest version of Microsoft Edge as your PDF viewer.

Conclusion

Insider data theft is a pervasive issue that threatens an organization’s reputation, business continuity, and competitive edge. The employee offboarding process presents one of the greatest opportunities for insider threats to steal sensitive information, intellectual property, and other crucial data. 

By combining a thoroughly planned offboarding process with advanced monitoring and control over data egress points an organization can protect their sensitive data against insider threats.

Ready to protect your data against insider threats? Gain access to CurrentWare’s FREE white paper “How to Keep Data Safe When Offboarding Employees: Insider Threat Management Strategies For IT & HR Professionals” by clicking the button down below.