How to Secure Sensitive Data & Technology When a Remote Employee Leaves
Apr 24, 2020
How to Secure Sensitive Data & Technology When a Remote Employee Leaves
Apr 24, 2020

If an employee decides to pursue another job during the coronavirus pandemic, organizations must be prepared to keep proprietary data and company technology safe.

With COVID-19 shaking up employment, many teams are facing furloughs and layoffs. Some employees, however, are also opting to leave their jobs during this chaotic time. No matter the  reason, companies must have the proper plans and security in place for an employee’s departure.

Companies have been forced to quickly adapt to remote work because of the coronavirus, many of which have never worked entirely remotely previously.

“Organizations are frantically trying to enable existing workforces to become full-time remote workforces,” said Arun Kothanath, chief security strategist at Clango, an identity and access management (IAM) consultancy. “This requires organizations to rapidly roll out VPNs and authentication technologies, such as multi-factor authentication, while enabling employees to be able to connect to mission-critical assets from their remote workstations.” 

While equipping employees with secure connections is one of the crucial first steps to launching a remote workforce, businesses must also consider how to rescind such access upon employee termination or departure.

“The only way to secure critical business data is to control the access to it,” Kothanath said. “When an employee is terminated or informs the organization they are leaving for another company, there must be a way for an IT manager to immediately revoke the employee’s access.”

Neal Taparia, co-founder of SOTA Partners, said he once experienced an employee send themselves sensitive business information upon figuring out their employment would be terminated.

To help prevent other organizations from facing similar situations, Taparia and other experts outlined the following best practices for keeping company information and hardware secure in the event of an employee leaving.

IT’s responsibility for when an employee departs the company

Remove email access

After Taparia’s bad experience, he said the first thing his company does is shut off access to the employee’s email, that way the employee can’t send themselves items.

“We’ll also quickly peruse the type of activity they’ve had in their Google accounts. We use the Google Apps Productivity Suite, and it gives you some administrative abilities to see what’s going on,” Taparia said.

“We’ll look for any type of suspicious behavior, and we’ll try not to signal to [employee] that we’re going to have this tough conversation so they have time to [transmit sensitive files],” he added.

Confiscate company hardware

One problem employers might run into is how to retrieve company hardware from its remote workers.

Taparia said companies should make this process easy. His organization provides a box with a shipping label for the worker to send their items. He also said to guarantee the employee sends hardware back, his organization leverages severance.

“We try to get them a box with a shipping label as fast as possible, and we’ll tell them, ‘We want to give you the severance, but we do need that equipment back as soon as possible. If you want full severance, we need that back ASAP, and we’re going to make it as easy for you as it is possible to put it in the box and put the shipping label on it and just get it back to us,'” Taparia said.

Return in-office items

Since many companies were forced into remote work with COVID-19, employees may still have belongings in the office they need upon termination or departure.

“We told the employee we let go that we’d return their personal items via Fedex when we deemed it safe to return to the office again,” Taparia said.

“If it’s urgent, I still wouldn’t recommend compromising any of your staff to go to the office to return personal items. Right now, risking your health is outside of anyone’s responsibilities,” Taparia added.

Eliminate all digital accounts

The last component to consider is the employee’s various digital accounts. Just because they leave your organization, that doesn’t mean they may not try to access various accounts from personal devices.

“You need to consider all the digital assets they have remote access to as well,” said Finn Faldi, president at TeamViewer Americas, an enterprise remote access and support provider.

“Single-sign on and conditional access tools can provide you with one of the most secure environments to help you manage who gets access to what digital assets,” Faldi said. “If you have these tools in place as part of your remote connectivity solution, you can turn off all access to all company systems in real time as individual employees are off-boarded.”

Additionally, organizations that have an IAM program in place can easily revoke employee access to critical business data and assets, from anywhere, Kothanath added.


Related Articles

The Benefits of Offering Hybrid Working

The Benefits of Offering Hybrid Working

When it comes to attracting candidates, the benefits of offering hybrid working are something you should consider. As we all return to spending more time in the office, is it necessary to have your team on site for 5 days? We appreciate that some roles in IT are hard to perform remotely. However, it still seems that most candidates are looking for flexibility and some for of hybrid working.

read more
Top 4 Tips for Hiring the Right Employee in IT

Top 4 Tips for Hiring the Right Employee in IT

Hiring the right employee is key to the success of your business. But in a skills crisis you may find yourself having to be a little more flexible than in previous years. However, there are still some key things you need to look for when hiring.

read more
Employee Retention: 5 Tips for Retaining Top IT Talent

Employee Retention: 5 Tips for Retaining Top IT Talent

Employee retention is a hot topic right now. With the jobs market at pre-pandemic levels already, more and more people are moving on to a new challenge. On top of this, the skills shortage we all experienced before Covid is now back with a vengeance. So it’s more important than ever that you look after your top talent.

read more