Most cybersecurity breaches don’t occur due to hackers; they occur due to malicious or negligent employees. When employees leave a company, they can often take data with them, whether it’s in their mailbox or on their personal phone. Here are the steps that you should take to protect your company’s data when an employee leaves.
Immediately Decommission All Accounts
When an employee leaves, their remote access, email accounts, and other logins should be immediately deactivated. Employees should be directed to refrain from using corporate email accounts for personal tasks for this (and many other) reasons. If an employee needs to collect information from their work PC, they should be monitored by IT personnel. A company doesn’t have to give employees this option (they shouldn’t have any personal information on their work PC regardless), but if the employee is separating on good terms, it may be considered.
Collect Company Hardware
Company phones, tablets, and laptops should be collected by the IT department immediately. Employees shouldn’t be allowed to take these items home and “send them later,” as this gives them time to potentially transfer data to another device. If it’s already been decided that an employee will be leaving — and they have particularly high-value information on their devices — they should be asked to return these devices immediately upon termination. This is why many highly secured companies will let employees go immediately upon their two weeks notice.
Avoid Distributing Data Locally
A document management system that is only accessible via an application is vastly more secure than locally distributed data. If an employee has to login to review documents, then simply taking away their login information will protect those documents. If employees are trading documents back and forth, through email accounts and downloads, then this data could be absolutely anywhere. In companies that have strong Bring-Your-Own-Device policies, it’s imperative that data be protected this way.
Take Away Physical Access Cards
Often, physical access is forgotten when protecting digital data. All the passwords in the world won’t stop someone from simply picking up and walking away with a server. Make sure that any physical access cards and keys have been taken away from employees, especially employees that have direct access to company hardware.
Our data-intensive world comes with a number of challenges. As comprehensive as your data security is, there’s always the potential for a data breach. Cyber insurance helps. Cyber insurance protects your business from the costs of data compromise. Contact World Wide Specialty Programs to learn more about liability and staffing insurance.
About World Wide Specialty Programs
For the last 50 years, World Wide Specialty Programs has dedicated itself to providing the optimal products and solutions for the staffing industry. As the only insurance firm to be an ASA commercial liability partner, we are committed to that partnership and committed to using our knowledge of the industry to provide staffing firms with the best possible coverage. For more information about Staffing Professional Liability Insurance or any other coverage, we have available to protect your staffing business, give us a call at (800) 245-9653 to speak with one of our representatives.