3 Essential Steps Before You Fire an Employee

Before you fire an employeeYour employees need access to your IT resources and accounts so that they can do their job, but what happens to that access and those passwords when you fire them? Nobody likes to think of firing their employees, or why you’d need to, but nonetheless, it is a responsibility of every business owner and they will face it at some point in time. While your book keeper or accounts team will stop their paychecks it is important to take the same proactive stance to stop their system access.

Most of the time, former employees leaves under good terms and you’ll wish them well. If you are lucky they may even manage the hand-over to their replacement (so your productivity losses are minimal). Other employees may leave your business reluctantly and / or angrily. While you will have very different feelings about the two scenarios, the risk to your business remains high until action is taken. Here are 3 steps you can take to protect your business from an angry ex employee:

Step 1: Limit access to a need-to-know basis

You might be surprised how often a new employee is presented with access to every ones account and has access to all the company data. Accounts, staff & customer details, strategy, marketing etc etc…all those sensitive parts of your business that have made it a success are exposed. A better policy is to limit access to only what the employee needs for their job. Rather than view it as a lack of trust, your employees will appreciate the care you’ve taken to protect your business (and their job). It also helps keeps them from becoming overwhelmed, confused or tempted if the situation ever turns sour. Likewise, take a few moments to delete old or temporary accounts that are no longer required – you never know when a hacker or disgruntled employee will squeeze through those gaps.

Step 2: Quickly change passwords

On average, it will take at least a week before passwords are changed after an employee is fired – if at all! Unfortunately, this type of delay is one your business can’t afford. In 2017, an ex-employee from the American College of Education held their entire email system to ransom for $200,000 after an unhappy exit. Stories of others stealing client databases are also common – especially if they leave to start their own business or work for a competitor. It is not just full-time employees either, contract and part-time employees such as social media managers and customer support email specialists often have access to more of your business than you might imagine. Yes you may be able to get the person involved prosecuted but it only takes seconds to login and wreak absolute havoc on your network. Knowing you can force those bad eggs into a lengthy court case is poor comfort considering the extent of damage you’ll likely endure. The best option is to change their access credentials fast – even before your employee knows they are fired. This lessens the chance of revenge attacks and opportunistic access.

Use a password manager

If you have good password manager like KeePass or LastPass, reducing your risk becomes mostly automated. You will be able to keep your passwords in a central vault and only share passwords to those who need that access – plus you can section off the passwords to different sections or job roles. If an employee leaves or moves to a new internal position you can change or revoke access.

We can help you secure your network and use a password management tool. Contact us at support@dpcomputing.com.au or 08 8326 4364.

Could Your Business Survive a Disaster?

Could your business survive a disaster?

With human errors, natural disasters, power problems and cyber terrorism on the rise, it’s not a case of ‘if’ a disaster will strike your business, but ‘when’ will it happen. If it does happen it is usually not the scope and size of the event that influences how your business is impacted but whether a business has a plan to work their way through the issues.

Put simply, this is a business continuity plan – a document that lays out the pre-planned responses to an event, laid out in detail and implemented to keep your business running with little or no downtime. Think about what would happen if your business was hit by a disaster tomorrow. Would it survive and how much downtime would it take to push you into dangerous territory?

According to an IBM study of companies that have had a major loss of data, 43% never reopen, 51% close within two years and just 6% will survive long-term. For some of those survivors their business continued as usual thanks to their business continuity plan. It is more than just disaster recovery, it’s full preparedness that bypasses the need for weeks of downtime, financial ruin, wasted salaries and a loss of reputation – but it does require a level of advanced planning.

Recommendations

Here are some recommendations on how to help your business survive a disaster.

Prioritize: You will need to plan exactly what you’ll recover first and know who is in charge of making that happen. It goes beyond a checklist of things to do, it is taking an analytical, process-based approach to recovery for each unique business perspective. But be realistic and plan to adapt – there is no point using precious time to reviving the email system if your financial data is leaking onto the internet – even if email did rank as your top priority!

Backup: The most critical part of your business continuity is having full backups located in three places. Why three? One copy locally which you rotate offsite each day, a backup offsite and one in the cloud. The local and offsite backups come into play for system crashes, cyber-attacks and the like. While the cloud backup comes into play when your business has taken a major physical hit, perhaps from fire, flood or other natural disaster where your location is not accessible or destroyed. Some businesses can run entirely location-independent when using cloud systems like Office365, which can be enough to help them survive.

Test: Make sure all employees know what the plan is, where it is located and their role in the plan. It is also recommended to test, prepare and rehearse your continuity plan under simulated disaster conditions. This will uncover new obstacles, priorities, additional threats and other potential problems before it is too late.

As businesses IT environments becomes more and more complex the importance of a robust business continuity plan increases. The best plans look beyond disaster recovery, taking into account scalability of your system and scope of your individual business, to help create strong battle lines that will keep your business operational, both now and in the long term.

Give us a call at 08 8326 4364 to discuss your requirements and assist you in creating a custom business continuity plan for your business.