When an employee leaves your company, how do you also make sure their access to your business data is terminated? Particularly with mobile devices, an ex-employee may have emails and contact information on a smartphone that may belong to them, not you.
To help manage your business IT, here are some steps you can take to make sure your network is secure from access by ex-employees.
Technology Use Policies
If you don’t have Technology Use Policies in place, make it a priority to create them. They are designed to protect you, your business and your employees.
Technology Use Policies don’t need to be heavy-handed. They should be clear and reasonable so that employees understand what’s acceptable at work and also protect you and your business in the event of employee misconduct.
To get you started, here are a few questions your policies should address:
- Do your employees assume that they have privacy when using a computer at work? What’s your expectation? The courts have been mixed on this, but generally speaking, employees should not have an expectation of personal privacy when using company resources, particularly email.
- Do your employees have a clear understanding of which company information is confidential? With policies in place, you minimize your risk and have a basis for recourse if a disgruntled employee shares information that could damage morale or negatively affect you in the marketplace.
- Will you allow employees to download games or other non-business applications to your network? (We advise against it.)
- Can employees make personal calls on their company cell phone? What about shopping online using the company computer?
- If employees use their own device such as a smartphone, are they allowed to access your company network? When they leave the company, what happens to your company data? Decide what’s best for your company and include it in your policies.
- Does everyone have access to the Internet? Do you want them to be able to access any site on a company computer? What activities are prohibited?
Addressing these questions and clearly communicating expectations will help everyone in your company understand what happens from a technology standpoint when an employee leaves.
Passwords and Services
Depending on your IT environment, there are a number of steps you or your IT team will need to take to secure your network when an employee leaves:
- Disable the user’s account on the network and change the password.
- Forward the user’s email account to someone else in the company and change the password.
- If your employees use personal smartphones with company email access, disconnect the smartphone from the company email account. We suggest the user removes the account in front of the exit interviewer during the exit interview.
- Disable any third party application accounts, including those in the cloud, and change the passwords.
- Remove any VPN access from the user to disable remote access.
- Reboot desktop to log them out of system.
- If the user has anyone else’s passwords in the company, change those passwords.
- If the user has the WiFi password (for a WLAN) that should be changed. Your IT administrator may handle this rather than the user.
With Technology Use Policies in place and help with your IT from a skilled tech team, you can help ensure that former employees cannot gain access to information they should no longer have.
If your business needs help managing IT, contact CRU Solutions.