How to Protect Your Business Against Former Employees

By September 9, 2019 September 17th, 2019 Security
Protecting Against Former Employees

We’ve said this frequently, and we’ll say it again. One of the biggest security weaknesses that businesses face are their own employees. This isn’t pleasant, but it’s a truth that we have to face. Humans are a weak link in our cybersecurity defenses. When we make mistakes – forgetting to change a default password or clicking on a link we shouldn’t – we open the door for attackers.

But there’s another way that your people can threaten your organization. It’s from within: disgruntled or dissatisfied former employees. These are people who are no longer with your business but may still have access to your network and your accounts. Plus, they know how you operate.

This is a real fear, and one you should take seriously. 24% of SMBs are more concerned that attacks will come from ex-employees than from hacktivist groups, competitors, or state-sponsored hackers (Source: AppRiver). A recent survey shows that 20% of organizations have already experienced data breaches by ex-employees (Source: OneLogin).

How can you reduce this threat? Here are some steps to help prevent former employees from attacking your business or breaching your data.

Remove former employees’ access immediately

Make sure that your employee offboarding procedures include steps for removing all of a former employee’s access to your network and company accounts. Even though this process can be time-consuming, but it’s critical.

Your IT staff or support firm should be notified immediately that an employee is leaving. There should be no confusion about who is responsible for revoking access and permissions, changing login information, and removing users from accounts.

Change your passwords

On top of revoking their access, make sure that you’ve changed the passwords for all systems and accounts that an employee had access to. This includes changing administrative passwords for servers and networks. Notify third-party services (e.g. email or customer support, vendors and partners, etc.) to update passwords as well.

Recognize the signs of a disgruntled employee

You should try to identify problematic ex-employees early on. The National Cybersecurity and Communications Integration Center has a “Combating the Insider Threat” resource. It can help you learn the characteristics of employees who are at risk of becoming a threat.

If you can recognize the behavioral indicators of a problematic employee, you are ahead of the game in knowing how to deal with the situation in a safer way.

Issue Warnings

You should begin with preventative measures. Make it clear to new employees what your “acceptable use” policy is for company information, devices, and systems. When an employee departs, ensure they are clearly informed about the legal consequences of trying to access the company’s systems or take sensitive or proprietary data with them. Make sure they sign statements that acknowledge they’ve been informed of these policies.

Is that all?

There’s more you can (and should) do to protect your organization from insider threats. These recommendations should be used on top of existing security defenses, like data protection and backup solutions, firewalls, network monitoring, and more.

Do you have any questions about how you can protect your organization from insider threats? Please feel free to contact us and to view our full suite of security services.


Recent Posts / View All Posts

The Importance of Multi-Factor Authentication (MFA)

Security Lockdown: The Importance of Multi-Factor Authentication (MFA)

| Security | No Comments
You may have noticed that recently a lot of your accounts are now requiring multiple methods of verifying your identity when you login. No longer do you just enter your username and password to get into your email, your cloud apps, or your accounting system. You now also need to input a short code that is texted to you, generated by an app, or emailed. In some cases, you might be getting verification phone calls, using a smart card, or entering biometric data like a fingerprint. What is this? This is multi-factor authentication (MFA). MFA consist of three things that…
Tips for Outlook Calendar

Tips for using Outlook calendar

| Tech Tip | No Comments
Confession: I am not an Outlook Calendar junkie. But if one of my coworkers looks at my calendar, they’ll likely see a smattering of events, tasks, and outside work commitments on my calendar. I also have a very long list of “Shared Calendars” so I can check up on coworkers’ schedules – it’s not lurking if it’s business! Like most people at my company, I use Outlook Calendar to remind myself and everyone else (who cares to know) when I am and am not available. Outlook Calendar is an invaluable tool if you’re in the habit of checking if someone…
2020 Cybersecurity Update from OXEN Technology

2020 OXEN Update on Cybersecurity

| Consulting, Security | No Comments
Every day we read about another cybersecurity breach. Lost credit card information, hacked emails, corporate or national security information stolen by insider or external actors. Cyber espionage and security attacks have become sophisticated and big business. We have reluctantly learned a new language: ransomware, “phishing”, malware, HIPAA (in healthcare), PCI (for credit card protection), and PII (personally identifiable information) to name a few. The challenge grows even faster as more and more devices are attached to our networks. New devices like thermostats, smart lights, cell phones, watches, and smart monitors of all types connect to our networks to share information.…