Checklist for Safe Digital Off-boarding of Employees

Digital footprints cover today’s modern workplace. Employees put them on as soon as they’re hired. They get a company email address and application logins. They may even update their LinkedIn page to connect with your company.

When an employee leaves a company, there’s a process that needs to be done. It is the process of “disconnecting” the employee from the company’s technology resources. This digital offboarding is critical to cybersecurity

You don’t want a former employee maliciously sending emails to all your customers from their work email. Sensitive files left on a former employee’s computer could be leaked months later. 

20% of companies surveyed have had a data breach that was traced back to a former employee.

Digital offboarding involves, among other things, revoking access rights to company data. This is an important process to perform for each former employee to mitigate risk.

Below is a handy checklist to help you address all aspects.


Your Checklist for Digital Offboarding 


1) Knowledge Transfer

When a person leaves a company, extensive corporate knowledge can be lost. It’s important to capture this as part of a digital offboarding process

This can be something as simple as which social media app someone used for company posts. Or it can be how to increase productivity. For example, how best to enter sales data into the CRM system.

Make sure you do a knowledge download with an employee during the exit interview. Better yet, have all employees document procedures and workflows on a regular basis. That way, the knowledge is available even if the employee isn’t there to complete those tasks one day.


2) Address Social Media Connections to the Company

Address any social media connections the former employee has. Is his or her personal Facebook user account an administrator for your company’s Facebook page? Do they post to your company’s LinkedIn page?


3) Identify All Apps & Logins the Person Has Been Using for Work

Hopefully, your HR or IT department has a list of all the apps and website logins an employee uses. But you can’t assume that. Employees often use unauthorized cloud apps for work. This is usually done without realizing the security consequences.

Make sure you know about any apps the employee may have used for business activities. You need to address these. Either change the credentials if you want to continue using the apps. Or, close them altogether after exporting company data.


4) Change Email Password

Changing the employee’s email password should be one of the first things you do. This prevents a former employee from accessing company data. It also prevents him from sending emails as a representative of the company.

Accounts are usually not closed immediately, as emails need to be saved. However, you should change the password to ensure that the employee no longer has access.


5) Change Employee Passwords for Cloud Business Apps

Change any other passwords for apps as well. Remember, employees often access business apps from personal devices. So just because they can no longer access their work computer doesn’t mean they can’t access their old accounts.

Changing passwords locks them out, no matter what device they’re using. You can simplify the process with a single sign-on solution.


6) Restore Any Company Device

Ensure that all company-owned devices are restored from the employee’s home. Remote employees are often given devices to use.

You should do this as soon as possible to avoid losing the devices. When employees no longer work for a company, they may sell, give away or throw away devices.


7) Recover Data on Employee Personal Devices

Many companies use a bring your own device (BYOD) policy. This saves money, but can make offboarding more difficult.

You need to make sure you’ve all company data captured on these devices. If you don’t already have a backup policy for this, now is a good time to create one.


8) Transfer Data Ownership & Close Employee Accounts

Don’t leave old employee cloud accounts open indefinitely. Select a user account to transfer data to, then close the account. Leaving unused employee accounts open is an invitation to hackers. Since the account isn’t monitored, breaches can occur. A criminal could gain access and steal data for months without being noticed

9) Block Employee Devices From Accessing Your Apps and Network

With an endpoint device management system, you can easily revoke device access. Remove the former employee’s device from the list of allowed devices in your system.


10) Change All Digital Building Passcodes

Don’t forget about physical access to your building. If you’ve digital passwords for gates or doors, you need to change them to prevent the person from gaining access.


Need Advice on Reducing Off-boarding Security Risk?

When you take a proactive approach to digital offboarding, the process is easier and less risky. Contact Onyx IT today for a free consultation to improve your cybersecurity.