Your employees need access to your IT resources and accounts so that they can do their job, but what happens to that access and those passwords when you fire them? Nobody likes to think of firing their employees, or why you’d need to, but nonetheless, it is a responsibility of every business owner and they will face it at some point in time. While your book keeper or accounts team will stop their paychecks it is important to take the same proactive stance to stop their system access.
Most of the time, former employees leaves under good terms and you’ll wish them well. If you are lucky they may even manage the hand-over to their replacement (so your productivity losses are minimal). Other employees may leave your business reluctantly and / or angrily. While you will have very different feelings about the two scenarios, the risk to your business remains high until action is taken. Here are 3 steps you can take to protect your business from an angry ex employee:
Step 1: Limit access to a need-to-know basis
You might be surprised how often a new employee is presented with access to every ones account and has access to all the company data. Accounts, staff & customer details, strategy, marketing etc etc…all those sensitive parts of your business that have made it a success are exposed. A better policy is to limit access to only what the employee needs for their job. Rather than view it as a lack of trust, your employees will appreciate the care you’ve taken to protect your business (and their job). It also helps keeps them from becoming overwhelmed, confused or tempted if the situation ever turns sour. Likewise, take a few moments to delete old or temporary accounts that are no longer required – you never know when a hacker or disgruntled employee will squeeze through those gaps.
Step 2: Quickly change passwords
On average, it will take at least a week before passwords are changed after an employee is fired – if at all! Unfortunately, this type of delay is one your business can’t afford. In 2017, an ex-employee from the American College of Education held their entire email system to ransom for $200,000 after an unhappy exit. Stories of others stealing client databases are also common – especially if they leave to start their own business or work for a competitor. It is not just full-time employees either, contract and part-time employees such as social media managers and customer support email specialists often have access to more of your business than you might imagine. Yes you may be able to get the person involved prosecuted but it only takes seconds to login and wreak absolute havoc on your network. Knowing you can force those bad eggs into a lengthy court case is poor comfort considering the extent of damage you’ll likely endure. The best option is to change their access credentials fast – even before your employee knows they are fired. This lessens the chance of revenge attacks and opportunistic access.
Use a password manager
If you have good password manager like KeePass or LastPass, reducing your risk becomes mostly automated. You will be able to keep your passwords in a central vault and only share passwords to those who need that access – plus you can section off the passwords to different sections or job roles. If an employee leaves or moves to a new internal position you can change or revoke access.
We can help you secure your network and use a password management tool. Contact us at firstname.lastname@example.org or 08 8326 4364.