Is your network secure from ex-employees? When someone leaves your company, how do you remove their access to your business data? Particularly with mobile devices, an ex-employee may have emails and contact information on a smartphone that belongs to them, not you.
Take these steps to make sure former employees can’t access your network.
Technology Use Policies
If you don’t have Technology Use Policies in place, make it a priority to create them. They are designed to protect you, your business and your employees.
Technology Use Policies don’t need to be heavy-handed. They should be clear and reasonable so employees understand what’s acceptable at work. Policies also protect you and your business in the event of employee misconduct.
Here are a few questions your policies should address:
- Do your employees assume that they have privacy when using a computer at work? What’s your expectation? The courts have been mixed on this, but generally speaking, employees should not have an expectation of personal privacy when using company resources, particularly email.
- Do your employees have a clear understanding of which company information is confidential?
- Will you allow employees to download games or other non-business applications to your network? (We advise against it.)
- Can employees make personal calls on their company cell phone? What about shopping online using the company computer?
- If employees use their own device such as a smartphone, are they allowed to access your company network? When they leave the company, what happens to your company data? Decide what’s best for your company and include it in your policies.
- Does everyone have access to the internet? What activities, if any, are prohibited on a company computer?
Clearly communicating expectations will help everyone understand what happens from a technology standpoint when an employee leaves.
Passwords and Services
Depending on your IT environment, here are some of the steps you or your IT team will need to take to secure your network when an employee leaves:
- Disable the user’s account on the network and change the password.
- Decide what happens to the user’s email account. Should it be forwarded to someone else in the company for a short time? At what point, if any, should the account be disabled?
- If your employees use personal smartphones with company email access, disconnect the smartphone from the company email account. We suggest the user removes the account in front of the exit interviewer during the exit interview.
- Disable any third party application accounts, including those in the cloud, and change the passwords.
- Remove any VPN access from the user to disable remote access.
- If the user has anyone else’s passwords in the company, change those passwords.
- If the user has the local WiFi password, change that password. Your IT administrator should handle this.
With Technology Use Policies and help from a skilled tech team, you can be confident your network is secure from ex-employees.
If your business needs help managing IT, contact CRU Solutions.