Your employees can often pose a huge risk to your data security, but what about ex-employees? Well, it turns out they may present an even bigger threat.
When employees leave an organization, it’s prudent that their network and application privileges are immediately terminated. After all, there’s no need for them to have access to your data and this is particularly important if they’ve left to join a competitor. Not only that, it presents them with an easy route for sabotaging your network. So, it’s clear to see why it’s so important to revoke privileges, but it would appear this isn’t always the case.
Research by OneLogin has demonstrated that 50% of accounts previously held by ex-employees with the power to make IT-decisions are still active 24 hours after they have left the organization. And many employees have revealed that around 25% of their employees’ accounts will still be active for up to a week. And, as you well know, it can take mere seconds to completely compromise a PC, so the delay reported by OneLogin has the potential to cause real damage.
Why Do IT Accounts Need to be Terminated Immediately?
The majority of employees who leave your organization are highly unlikely to even consider wanting to log back on to your network, but there are some who may try as soon as they’ve left the building. In particular, disgruntled ex-employees who have had their contracts terminated are likely to be looking for revenge and, of course, those who have left the business to join a local rival may be tempted to log on and steal sensitive information to give them an advantage. While these individuals are in the minority, it still represents a huge threat to your data.
Despite being a basic threat, and one that’s easy to remedy, the statistics provided by OneLogin would indicate that it’s a simple procedure which is being ignored by many organizations. And the end result of this lackadaisical approach is, as OneLogin’s poll has found, that 10% of all data breaches are believed to have been committed by ex-employees. Eliminating this security risk, therefore, can make a real difference to your overall security.
How to Prevent Ex-Employees Accessing Your Networks
OneLogin have found that ex-employees can spell trouble for your security, but what can you do to minimize the risk? Let’s take a look:
- Create an exit procedure for IT privileges – Thankfully, most employees will give a certain amount of notice before leaving and this gives organizations plenty of opportunity to plan for their exit. Therefore, there’s no excuse for login details to be disabled as soon as that employee leaves. Sometimes, of course, employees will leave suddenly and, in these instances, IT departments need to be informed immediately to close these accounts.
- Reduce remote access – Some organizations may have networks which can only be accessed internally, so an ex-employee may struggle to even log in once they’ve left the business. However, many organizations provide remote access to their networks and, if an ex-employee can obtain the web address to access this, they could easily connect. To avoid this, make sure that only certain login names are allowed to log on in this manner.
- Incorporate an SIEM system – Using a security information and event management (SIEM) system can indicate employees’ activity within individual applications, so this can quickly indicate if any unauthorized access is being made. OneLogin discovered that 41% of organizations do not use this type of system, but it would appear to be crucial in protecting your data.
These approaches are simple, quick and easy, so there’s no excuse for being negligent in this area of security.
For more ways to secure and optimize your business technology, contact your local IT professionals.
Read More