January 21, 2022 | By stephen

Share

1 in 4 Ex-Employees Still Has Access to Company Data

• Data Breach

According to a recent study by Beyond Identity, approximately 25% of employees can still access their past workplaces accounts and emails. What’s even more worrying from the report is that over 41% of these employees admitted to sharing their former workplace logins. So, as you’re strategizing to safeguard your systems from hackers, what are you doing to avert the threats from former employees?

VIDEO: Preventing Ransomware With The Basics| LeadingIT 038

You may have heard that your staff poses the highest cybersecurity risk, but rarely do we speak of the data theft by departing employees. This article delves into the dangers of failing to de-provision ex-employees from corporate applications and accounts and how to prevent them from accessing your networks.

How Many Former Employees Can Still Access Your Company Data?

The simple answer is — more than you may imagine. Based on the Beyond Identity research, one in every four former employees can still access emails and accounts from their former workplaces. A similar study by Identity and Internet Access Management (IAM) provider, OneLogin, suggests that this figure could be as high as 50%.

The OneLogin study gives a clearer picture of the number of former employees who can still access past workplace apps, emails, and accounts. According to the survey results:

• 70% of companies take approximately one hour to de-provision one employee from all the corporate application accounts
• 50% of former employees’ accounts remain active for longer than a day after leaving the workplaces
• 48% of organizations are aware that former employees can still access corporate applications
• 32% of organizations said that it takes over seven days to fully de-provision a former employee
• 20% of former employees’ accounts stay active for up to a month after leaving the workplace
• 25% of employees do not know how long former employee accounts remain active after leaving their workplaces

The bottom line is that most companies do not take the de-provisioning of former employees’ applications and accounts seriously. Out of the 500 US-based IT decision-makers who responded to the OneLogin survey, over 100 admitted that failure to terminate network access by former employees contributed to data breaches at their companies.

Why Should You Terminate Former Employee Access Privileges Immediately?

Most of the employees who leave your company may not even be thinking of logging back into your network, but you can’t miss a few rogue individuals. While these individuals may not be that many, you cannot overlook the threat they pose:

• Data loss: When you lay off employees, some of them may not take the termination of their contracts kindly. The disgruntled ex-employees may look for ways to take revenge by deleting or compromising your organization’s critical files. A perfect example is the former IT administrator at Lucchese, who shut down the boot manufacturing company’s servers and deleted crucial files when he lost his job.
• Data breach: According to a recent study by the Ponemon Institute, over 50% of employees have stolen data from former employers. Out of these, 40% said they intended to use the stolen information in their new workplaces.
• Wasted spend: Former employees using your G Suite, Office, and other work environment licenses may increase your service bills. Worse still, the service providers may continue billing you for unused accounts that you haven’t terminated.
• Breach of confidentiality: The present-day business environment is data-driven. You rely on data to make almost every critical business decision. Therefore, it’s common for companies to poach employees from rival organizations to access confidential information.

Tips to Keep Former Employees From Accessing Organizational Data

Here are a few ways to minimize the data theft risk from former employees:

• Develop an exit protocol for IT privileges: In most instances, you will give the employees a few weeks’ notices before their contract ends. Create an exit procedure that highlights how you will gradually withdraw exit privileges within this timeline. If you must end the agreement without prior notice, inform the IT department to terminate the employee’s access immediately.
• Interview the employee before they exit: Discuss the organization’s gadgets in their possession, accounts, and apps they have access to and get their contact information if you need to reach them later. The interview also ensures that the employee leaves on a good note.
• Deploy a Security Information and Event Management (SIEM) system: SIEM systems help monitor your network and user activities. You can use them to spot and thwart unauthorized access.
• Block external email forwarding and file-sharing: Sometimes, employees may try to ex-filtrate data to personal accounts for future access when they leave. That’s why it’s crucial to limit data sharing without the organization.
• Reassign former employees’ licenses: To prevent wasted spending, reassign Office, G Suite, and permits to those taking over the former employees’ roles. That way, no accounts will lie dormant and unused.

LeadingIT offers 24/7, all-inclusive, fast, and friendly cybersecurity and IT support for nonprofits, manufacturers, schools, accounting firms, religious organizations, government, and law offices with 10-200 employees across the Chicagoland area.