When an employee leaves a company, offboarding is the process of ensuring that they have a smooth and secure transition from their current role to their next one. This includes tasks such as ensuring that all their accounts are closed and transferred, returning all devices and that the former employee can proceed easily to their new job.
Employee off-boarding is critical not just for securing company data, but also for maintaining a safe workplace. A recent study has shown that about 89% of employees still had access to their company’s network and data after termination and around 83% continued to access their old employer’s accounts. With insider cyber-attacks rising by 44% over the past two years, it is more critical than ever to properly off-board employees after they leave your company.
Here are some of the key steps involved in successfully offboarding an employee along with some of the best practices for making the process smoother.
1. Disable all accounts and change passwords
One of the first steps in offboarding an employee is to disable their user accounts and change any passwords they may have had access to. This helps to ensure that the former employee does not have any access to company data or systems. Additionally, it is important to update any additional identity security measures such as multi-factor authentication that the employee may have been using.
2. Collect company-owned devices
The next step is to collect any company property that the employee may have, such as phones, laptops, keys, or ID badges. It is important to do this as soon as possible so that the employee does not have access to company resources. Additionally, you should check with the employee to make sure that they have not taken any confidential information with them. If an employee is working remotely, you will need to arrange for someone to collect their devices from them or have the employee ship their devices back.
3. Securely erase company devices
Either remotely or when the company devices are returned, securely erase the information on those devices. This will ensure that any company data on the devices cannot be accessed by the former employee. Once this is done you can prepare the devices for use by a new employee.
4. Contact Third-Parties
You should also notify any customers, partners or vendors, with whom the employee worked and provide them with the new contact information for your company. This will ensure that there are no potential information issues and that third-parties are able to continue working with your company without interruption.
5. Update your company’s HR records
Finally, you will need to update your company’s HR records to reflect the employee’s departure. This includes removing them from any health insurance or other benefits they may have been receiving. You will also need to update their contact information and emergency contact information. Once this is done, you can send out a farewell message to current employees. Additionally, by keeping open communication with the departing employee, you can help to make the transition as easy as possible for them.
6. Follow cyber-compliance policies
When offboarding an employee, it is important to make certain you are operating within compliance of any relevant cyber-security regulations. For example, the National Institute of Standards and Technology Cyber Security Framework (NIST CSF) requires companies to take specific measures when deleting employee data. Additionally, ISO 27001 is a standard for information security management and requires companies to have a plan for terminating employees. The Health Insurance Portability and Accountability Act (HIPAA) requires companies to protect the privacy of employee health information. By following all applicable regulations, you can help to ensure that your company complies when offboarding employees.
You can make sure that your company’s offboarding procedure is effective and safe by following these procedures. Whether an employee leaves your company by their choice or yours, offboarding them as quickly and efficiently as possible is key to limiting any exposure of your business to a disgruntled former employee. By following these tips, you can minimize the amount of time they have access to your IT systems and ensure that they depart on good terms. If you have any questions about how to execute these tips or would like help with offboarding your employees, feel free to reach out to us at firstname.lastname@example.org.