Employee Offboarding: How to Keep Data Safe During a Termination
The employee offboarding process presents significant data security risks. The Osterman Research study Do Ex-Employees Still Have Access to Your Corporate Data? found that 89% of employees were able to access sensitive corporate applications well after their departure.
Are you concerned about the damage a terminated employee could cause with access to sensitive corporate information, account passwords, and other proprietary data?
Consider this:
- 70% of intellectual property theft occurs within the 90 days before an employeeโs resignation announcement (Richard Agnew, Infosecurity Magazine)
- 88% of IT workers have stated that they would take sensitive data with them if they were fired (CyberArk Trust, Security and Passwords Survey 2008)
- 63% of employees have indicated that they brought data from their previous employer to their current employer (Code42 2019 Global Data Exposure Report)
These vulnerabilities need to be addressed as a part of your employee offboarding process. Keep reading for an overview of the cybersecurity risks of improper employee offboarding and to gain access to a white paper with valuable information for keeping data safe from insider threats following a termination.
FREE Employee Offboarding Checklist TemplateโPrevent Data Theft by Departing Employees
Concerned about the damage a soon-to-be-ex-employee could cause with access to IP, passwords, and other sensitive data?
Follow this employee offboarding checklist to protect your organization against insider data theft.
What Are the Data Security Risks of Offboarding Employees?
Employees are in the optimal position to steal and vandalize sensitive corporate data. They have intimate access to it, insider knowledge of the organizationโs systems, and a level of trust that could allow them to steal data undetected.
Insider data theft doesnโt exclude management, either; C-Suite employees are just as dangerous. In fact, 72% of CEOs surveyed by Code42 have stated that theyโve taken valuable intellectual property from their former employers.
Data Loss Through Vandalism/Sabotage
Without critical security controls in place, a disgruntled employee can wreak havoc on corporate data infrastructure.
For example, upon hearing that they were about to be terminated, a network engineer at EnerVest reset the companyโs servers to factory default settings and disconnected all of their remote backups, essentially eliminating access to all of the companyโs data and applications for its eastern United States operations.
This incident cost the company 30 days in lost productivity, with related costs exceeding $1 million.
๐ Related Article
Crushing Corporate Espionage CasesโAre Your Trade Secrets Safe?
Lost Competitive Advantage
63% of employees in a Code42 report have indicated that they brought data from their previous employer to their current employer. Employees that are seeking to transition to a new role may be motivated to use their current employerโs trade secrets to gain an advantage over other applicants.
Departing employees can use stolen intellectual property to gain a competitive advantage over their former employer, such as the two former General Electric employees that stole data on advanced computer models for calibrating turbines alongside related marketing and pricing information. The ex-employees used their former employerโs trade secrets to create a competing company.
Data Security Compliance Violations
Protected classes of data such as regulated data (HIPAA, GDPR, etc) and Personally Identifiable Information (PII) could be breached by an ex-employee. Data security compliance frameworks require robust security controls for ensuring the confidentiality, integrity, and availability of data.
If a disgruntled ex-employee manages to steal this sensitive information their former employer is highly likely to be held accountable for their lack of data security measures.
Why Do Employees Steal Data?
Financial Gain
The 2020 Verizon Data Breach Investigations Report found that 86% of data breaches are motivated by money. Confidential data can be a significant windfall for departing employees thanks to its inherent value for competitors and identity thieves. This data can include payment information, personally identifiable information (PII), and trade secrets.
Feeling Entitled to Intellectual Property
72% of business decision-makers in the Code42 report believe they are entitled to corporate data that they contributed to. This data includes IP such as source code for developers, renders of creative projects for designers, and contact information of clients for salespeople.
Revenge
Employees that are being involuntarily terminated from their roles, passed over for a promotion, or denied a desired raise are more likely to steal or sabotage corporate data and related systems as a way of โgetting backโ at the company.
This isnโt exclusive to involuntary terminations either. Motives for revenge can still be present when an employee voluntarily chooses to resign. Measures for preventing employee data theft incidents must be ongoing and proactive to effectively protect data against insider threats.
Accidental Retention
Organizations without critical security controls for managing the flow of data risk having sensitive information retained on employee-managed resources such as cloud storage accounts, personal devices, and email accounts.
This retention is not necessarily malicious in nature; departing employees may simply be unaware that the data is even there, or they may be unaware of the risks associated with having that data in their possession.
The possibility of accidental retention further emphasizes the need for an IT employee offboarding process that truly revokes an ex-employeeโs access to corporate systems.
How to Protect Data During Employee Offboarding
Is your employee offboarding process prepared to address the data security risks of a disgruntled ex-employee?
Learn how to keep sensitive corporate data safe during employee offboarding in CurrentWareโs new white paper โHow to Keep Data Safe When Offboarding Employees: Insider Threat Management Strategies For IT & HR Professionalsโ
This white paper contains critical information that IT professionals need to know when deprovisioning a terminated employee.
- The Risks Associated With a Data Loss Event
- Causes and Motivations of Insider Data Theft
- Warning Signs of Insider Data Theft
- The Top 10 Best Practices for Mitigating Insider Data Theft
- Employee Offboarding Checklist for IT Admins
- Data Loss Prevention Solutions To Protect Data From Departing Employees
The employee offboarding process presents significant data security risks. Employees have intimate access to corporate data, insider knowledge of the organizationโs systems, and a level of trust that can allow them to steal data undetected. Click here to learn the best practices for protecting sensitive data during a termination.
FREE Employee Offboarding Checklist TemplateโPrevent Data Theft by Departing Employees
Concerned about the damage a soon-to-be-ex-employee could cause with access to IP, passwords, and other sensitive data?
Follow this employee offboarding checklist to protect your organization against insider data theft.
Included Topics:
- Human Resources & Administrative Controls
- Account and Access Deprovisioning
- IT Inventory Control
- Digital Forensics, Compliance, & Auditing
How to Use This Template
This free employee offboarding checklist template for IT admins is an interactive PDF complete with digital signature fields, checkboxes, and text boxes for each offboarding item. It includes pre-filled sections with key deprovisioning items as well as ample blank pages that can be customized to fit the unique needs of your organization.
This template can be printed as a standard document or used digitally as an interactive form. For the best experience you should use the free Adobe Acrobat Reader or the latest version of Microsoft Edge as your PDF viewer.
Conclusion
Insider data theft is a pervasive issue that threatens an organizationโs reputation, business continuity, and competitive edge. The employee offboarding process presents one of the greatest opportunities for insider threats to steal sensitive information, intellectual property, and other crucial data.
By combining a thoroughly planned offboarding process with advanced monitoring and control over data egress points an organization can protect their sensitive data against insider threats.
Ready to protect your data against insider threats? Gain access to CurrentWareโs FREE white paper โHow to Keep Data Safe When Offboarding Employees: Insider Threat Management Strategies For IT & HR Professionalsโ by clicking the button down below.