Each business can use tech tips for firing employees. These tips can be used to create procedures to avoid data leakage, cyber attacks on unmanaged accounts and data theft. Once procedures are in place, it makes it easier to keep data secure and stay HIPAA and PCI compliant.
What are the risks?
If access to the network is left open when an employee leaves, sensitive data can be leaked to others outside the company. The previous employee can act maliciously or a hacker can find an account where no one is there to monitor the activities. The company is also more susceptible to ransomware or other viruses that can threaten the data on the network. Detailed exit procedures that eliminate all access to cloud software and any access to office hardware and software in addition to the human resources checklist is important to decrease risk.
What are the costs?
When exit procedures are not in place, compliance can be at risk when releasing each employee. HIPAA and PCI compliance demand that the network is secure so patient and credit card data is not leaked. PCI compliance specifically states, “The organization must ensure it has developed a password and user authentication management program that requires immediately revoking the access of all terminated users.” (§ 8.5.4, Payment Card Industry (PCI) Data Security Standard, Requirements and Security Assessment Procedures, 2.0) By not stopping access immediately, the business could face significant fines. The fine can be up to $10,000 per incident which can add up quickly. When business owners dedicate the time to creating exit procedures that include the IT Team, the business can prevent potential fines and preserve compliance.
What to include in exit procedures to protect against data loss?
There are many procedures that businesses choose to include in their exit procedures. Assigning some of these procedures to the business IT team or Managed IT Service Provider makes the process more secure by limiting access to program software passwords. Changing email and computer access is easy with access from a server. Unfortunately, cloud accounts are not always as easy due to the variety of programs that different users access. Documenting the program users, securely documenting the administrator accounts and updating them consistently is necessary. Then it is a simple process to terminate a user’s access to important data in each program. Without updating, it can be easy to miss an account and the potential for data loss to grow exponentially.
Tech Tips for Firing Employees
- Disable e-mail account and group distribution lists.
- Disable computer access
- Inactivate key card/fob
- Create an ongoing list of each cloud program an employee uses during employment.
- Disable cloud account access with administrator access
Using tech tips for firing employees prevents data leakage and preserves compliance. BlueKey IT Services can assist businesses in Phoenix create and implement exit procedures.