Employees need to do their job, thus access to various business accounts, but what do you do about the passwords they have when you fire them? None of us like to think about firing an employee, or even why you would need to fire them, but no matter, it is a something you must face at some point as a business owner. While human resources and account teams will most likely be on top of stopping paychecks and building access, it is very important to take the same stance to strip access to information systems and technology.
Most often, employees leave under good terms and you will wish them well and if you are lucky they will even conduct a hand-over with a replacement so there is no loss of productivity, or the loss is minimal. However, some employees can sometimes leave reluctantly and with anger and suspicion. Even though you will have very different feelings about both of the scenarios, the risk to you systems, an business, remain high until your organization takes action. Below are three steps your organization can take to guard the business from revenge and other password-related disaster.
Reduce access to a need-to-know basis
You would be amazed how many times a new employee is given the whole business on a silver platter when their position requires little more than a computer login credentials. Strategy, industry secrets, customer details, accounts…all of the very important and sensitive aspects of a business’s success – exposed. The best company policy is to limit an employee’s access to only what they need do their job. Rather than view this limited access as a lack of trust, you employee, and customers, will appreciate the care you take to protect your business, (and customer data). This limited access also keeps an employee from feeling confused and overwhelmed, or tempted if the employment situation turns sour. Likewise, you should always take time to remove temporary and old accounts that you do not require any longer. You never know when a hacker or and angry employee will squeeze through the gaps.
Quickly change passwords
Regretfully, on average, it often takes a week or more before passwords are changed when an employee leaves or is fired, if they are even changed at all. This delay in password changes is an unfortunate type of delay your business can not afford to accept. In 2017, the American College of Education had an ex-employee, with an unhappy exit, hold the entire email system for a $200K ransom. There are stories of ex-employees stealing client data when they leave the company to work competitor or start their own business. It is not just full-time employees you need to worry about either. Part-time and contract employees like customer support specialists and social media managers usually have access to more of your business data than you may think. Recent court rulings make it possible, and easy, for businesses to prosecute former employees who access their systems. However, it only takes seconds to login and create chaos. It is poor comfort knowing you can take these bad eggs to court considering the massive amounts of damage they can inflict on your business – and even your customers!. Changing passwords quickly is the best solution – and is a step to be taken before the employee is fired or leaves. Removing access before the employee is fired or leaves reduces the chance off revenge or opportunistic access and attacks.
Password Manager Usage
If you have a great password manager like LastPass or RoboForm, reducing risk becomes almost automatic. With a good password manager you can keep your logins in a central vault that only you can see and share based on the business roles and need. There is also sometimes an option to share passwords without letting employees see them in plain-text form. Employees will be able to connect to what they need securely with a click. No longer will they need to to write them down or manually enter them each time. The big plus? They can be revoked at any time. Even if roles just change, or they are fired, you can easily use the dashboard to view and revoke/grant access as needed. If you are not sure what a certain employee has been up to,, you can also create reports of their usage history.
Do you need password management help for you home or business? Contact us at Brochin.net LLC.