Three of the Most Common Employee Offboarding Mistakes

There’s a famous phrase you’ve probably heard before: to err is human.

Those words sum up why your security posture needs to focus on human actions–or the absence of them. 

When seen from this lens, cybersecurity becomes about much more than cleaning up after mistakes. It’s about proactively putting into place measures to prevent the sort of human error that can cost your organization big time.

This human component–commonly known as “insider threats”–can be categorized into either malicious, accidental, or negligent. 

Insider threats account for a whopping 39% of all data breaches according to recent research.

In the U.S. a data breach costs a company on average $8.19 million. The cost per breached record, $242, is steep too.

There are a lot of steps you can take to mitigate the risks posed by insider threats. But one of the best actions you can take is to avoid these three common employee offboarding mistakes.

 

Why Does Employee Offboarding Matter?

What is the worst thing a person can do to hurt their previous employer? This may never be more than a passing thought for most people, but whenever there’s a layoff, at least a few of the freshly terminated employees are seriously pondering it.

They could:

  • Pay someone else to disrupt the business
  • Sell passwords to the highest bidder
  • Sell detailed insider information

A smooth and swift employee offboarding process can help mitigate the changes of an employee having the ability to do something malicious. 

Even if there are no malicious intentions, employees may still–even unwittingly–have access to important customer information and systems. Not only can this weaken your security, but this can also be a breach of a number of data protection laws.

 

What are the Three Most Common Employee Offboarding Mistakes?

Here are the three most common employee offboarding mistakes.

1. Not Collecting Employee Equipment Quickly

To ensure you collect all employee equipment quickly you need a solid process for managing the provisioning and deprovisioning of it.

You should document equipment assigned to employees; require employees to accept and sign an equipment agreement that includes a list of received equipment that must be returned upon termination; and ensure that you collect all equipment immediately when someone is leaving your organization.

 

2. Not Taking Into Consideration BYOD Devices

Companies are moving toward a BYOD mindset where the employee is able to provide their own devices – laptops, cell phones, and tablets – on top of VDI technologies.

You need to make a plan to proactively manage data access and ensure that when someone leaves you’re able to remove any company data from their devices.

This should clearly be outlined in any BYOD device agreement that employees sign.

 

3. Not Keeping Track of an Employee’s Software Usage

The challenge with the growth of SaaS usage and Shadow IT is that you need to figure out what apps employees have signed up for and used, what access permissions you must revoke, and what company data resides in these apps. 

It’s not always easy to do this due to the sheer volume of apps in use. That’s where a SaaS management platform like Augmentt comes into play.

A single dashboard for all SaaS apps and usage can increase visibility and avoid security risks associated with employee offboarding.

For example, employees can be quickly onboarded and offboarded to and from the applications they need. Plus, reports can readily show which users have access to what applications, and which licenses.

These processes can automate and simplify life for IT, enabling greater efficiency and productivity.

 

Reducing Insider Threats With Employee Offboarding

It’s true that to err is human, and humans will keep erring.  But increasingly, technology and improved practices can help you shape certain critical processes — preventing one small mistake from becoming a major problem.

Derik Belair

As President and CEO, Derik leads the vision, strategy and growth of Augmentt. Prior to founding Augmentt, Derik was the Vice President at SolarWinds, leading the digital marketing strategy for SolarWinds’ Cloud division. Derik has been working in the channel for over 20 years, starting his career as a channel sales rep at Corel Corp. and eventually becoming the first employee at N-able Technologies in April of 2000.
SUBSCRIBE for more resources
Related Content

Agent-based SaaS Discovery

    When it comes to Augmentt Discover, we believe in flexibility and power. Augmentt Discover can collect SaaS usage data using both an Agent and Agentless model. Here is a quick [...]
    Read

    Product Evaluation Guide

      Thank you for starting your Augmentt Product Evaluation and Trial   Here are a few resources that will help you through this technical process. Support Technical Support is available to [...]
      Read
      Augmentt is a centralized SaaS security platform built for MSPs to deliver scalable managed security services for Microsoft and cloud apps. Our multi-tenant platform gives you visibility across all your end-users to easily audit, protect and detect security threats for a holistic approach to cyber security.