In a recent article, MNP’s Kerry Mann, National Leader – Enterprise Resource Planning, discussed the costs, risks and challenges of...
Protecting Your Company When an Employee Leaves
Have you ever thought about what you should do an employee leaves your company?
As an IT professional, I believe this is a question that does not get asked often enough. There are implications to security and the reputation of your company is at stake!
In terms of best practices I would point to what we do here at Mantralogix. We have developed a master spreadsheet with all the items listed that have been assigned to the care of an employee; so we know exactly what we need to collect from them when they leave. I know that this can’t always be a practical solution for all businesses, but there are 2 things at a minimum that you most definitely should do.
- Change the network password
The first thing that should always be done is to, at the very least, change the network password of the departed employee. This is to prevent unauthorized activity from happening on this departed employee’s account with no traceability or accountability. This also means that only those who need access to the data available from this profile are authorized. You don’t want just anyone having access to the data because you never know if there is sensitive information in this person’s folders. This is also why users should never share their passwords with their co-workers because you never know who will gain access to your profile on your computer.
2. Provide alternatives
The second thing that must be done is to redirect this person’s email account to ensure no correspondence goes unanswered, which could result in poor customer service/ lost business. This is also important because you want to ensure accountability of replies being sent. You want everyone to know who emails are being redirected to and who should be replying in the future.
Other best practices include placing an out of office reply on the email account so that the recipient knows that the employee has left the organization and to whom their emails are being redirected to/ who else they should contact; otherwise you run the risk of losing the trust of your client. Without this step, your client may perceive you as having something to hide, and may ultimately cause them to question whether to continue doing business with you.
Risk of not being proactive
I know of an occasion with one of our customers where an employee left their company. The person taking over the responsibilities of the departed employee kept using the network login and email account to keep sending emails. The customer receiving the emails became suspicious because they were unsure of who was actually sending these emails because they knew the departed employee was no longer working there.
It is crucial that proper procedures be followed every time there is an employee change to 1) make sure that someone is charged with the responsibility of handling follow-up to any in process correspondence and 2) there is accountability for who is making these follow-up enquiries.
I understand that you may wish others to have access to important files or emails and there is a way to do this without having to keep the current credentials active, and yet also allow for the aforementioned accountability to be established. There is nothing more important to a company’s business than knowing their personal data is being handled securely and confidentially, and following this process will go a long way to maintaining this in the event of an employee change.
Contact us, or call us at 1-866-320-8922 for help on keeping your business protected and secure! Interested in more hot tips on security? Make sure to check out our post on ensuring your business’s network security.
