Digital Employee Offboarding Checklist
Digital footprints run rampant all over today’s offices and workplaces. Employees start creating these footprints the moment they’re hired. Each team member get a company email address and application logins the day they start. They often update their LinkedIn page immediately to connect with your company.
Whenever an employee leaves a company, for whatever reason, a separation process needs to happen in a timely manner. The process of “decoupling” the employee from the company’s technology assets is vital to cybersecurity.
No company can afford for a former employee to maliciously email customers from their still running work email. Sensitive files remaining on a former staffer’s computer could leak due to a breach months later.
20% of surveyed businesses experienced a data breach connected to a former employee and their personal devices.
Digital offboarding entails revoking privileges to company data, among other things. Ensuring this separation is a critical process to go through for each former staff member to reduce risk for everyone.
We’ve written a handy checklist to help you cover all your bases.
The Digital Offboarding Checklist
Knowledge Transfer
Vast corporate knowledge and data can disappear when a person leaves an organization. It’s important for the company to capture and retain this during a digital offboarding process.
Keeping that knowledge could be something as simple as retaining business accounts on the social media apps someone used for company posts. Or it may be productivity leveraging, such as the best way to enter sales data into the business’s CRM.
Always do a knowledge download process with any employee during the exit interview. Even better, have all staff regularly document procedures and workflows on an ongoing basis. Keeping what’s written matched to what is actually done makes the knowledge available if the employee is ever not there to perform those tasks for any given reason.
Address Social Media Connections to the Company
Examine any social media connections to the former employee. Is their personal Facebook user account an admin for your company’s Facebook page? Probably want to get that access back from them. Do they post on your corporate LinkedIn page? You’ll want to revoke that privilege.
Identify All Apps & Logins the Person Has Been Using for Work
If your organization is good, your HR or IT department will own the list of all the apps and website logins that an employee uses. Assuming this, however, is a bad idea. Employees frequently use unauthorized cloud apps to work. Usually the employee does it because they feel they work better with the unauthorized app, without realizing the security consequences.
Make it your business to discover any apps that the employee may have used for business activities. The company will need to address these. You can always change the login if you plan to continue using them. If not, close and delete them altogether after exporting all company data.
Change Email Password
Changing the employee’s email password is always the first step. It’s a high priority because it keeps a former employee from accessing company information. Revoking their company email account also keeps them from emailing as a representative of the company.
Accounts are typically not closed immediately because emails should be stored and reviewed. However, the password should change immediately to ensure the employee no longer has access.
Change Employee Passwords for Cloud Business Apps
Change all other app passwords at once, right after changing the email password. Remember, people often access business apps on personal devices, and many employees are plenty tech savvy enough to do so. So, just because they can’t physically access their work computer any longer, that doesn’t mean they can’t access their old accounts.
Changing the passwords locks them out of business data no matter what device they are using. Simplify the process with a single sign-on solution, which your IT people should be able to help with.
Recover Any Company Devices
Make sure the company gets any company devices back from the employee’s home. Remote employees are often issued equipment to use, and even office employees may have a company cell phone.
Always do this as soon as possible to avoid loss of the equipment. Once people no longer work for a company, they can sell, donate, or trash devices. Those devices aren’t cheap, and if sold to the wrong person can even present serious security concerns for the company.
Recover Data on Employee Personal Devices
Many companies allow a bring your own device (BYOD) policy. Doing so saves them money, can also make offboarding more difficult.
Ensure you’ve captured and then deleted all company data on those devices. If your business doesn’t already have a backup policy in place for this, now is a good time to create one.
Transfer Data Ownership & Close Employee Accounts
Never keep old employee cloud accounts open indefinitely. Choose an active user account to transfer the data to and then close and delete the account. Leaving unused employee accounts open is a gold plated invitation to a cybercriminal. With no one monitoring the account, breaches happen often. A criminal could gain access and steal data for months all unnoticed.
Revoke Access by Employee’s Devices to Your Apps and Network
Using an endpoint device management system which your IT people can help with, the company can easily revoke device access from wherever necessary. Remove the former employee’s device from any and all approved device lists in your system.
Change Any Building Digital Passcodes
Remember in all of this to also deny physical access to your building. If you use any digital gate or door passcodes, be sure to change these so the person can no longer gain access.
Why Is This Published By A Business Phone Company?
Here at NoContractVoIP, we believe that your success is our success. And, since we specialize in business communication, we also want to help you communicate better. We create the communication systems that modern companies need to adapt to the hybrid and remote business models. To get the latest helpful content delivered to your inbox every month, subscribe to our newsletter here.
Looking for the finest stress-free custom business telephone systems? Contact us or call today at 866-550-0005!