3 Essential Steps Before You Terminate an Employee
Your employees need access to your various business accounts to do their job. What happens to those passwords when you terminate an employee? Nobody likes to think of terminating their employees, or why you would need to. Nonetheless, it is a responsibility every business owner must face at some point. Your accounts team will no doubt be on top of stopping their paychecks. It is important to take the same proactive stance to deny their system access.
Most of the time, the former employee leaves on good terms and you will wish them well. If you are lucky, they will even manage to help with their replacement. Doing so your productivity losses will be minimal. Other employees may leave your business unwilling or in a storm of anger and suspicion.
You will have quite different feelings about the two scenarios. The risk to your business is high until you act. Here are 3 steps to protect your business from retaliation and other disasters.
Limit Access to a Need-to-Know Basis
It might surprise you how often a new employee gets the entire business on a platter. When their actual job requires little more than a computer login. Accounts, strategy, customer details, industry secrets...all these sensitive aspects. Your business secrets that made it a success - exposed. A better policy is to limit access only to what the employee needs to do their job. Your employees will appreciate the care you have taken to protect your business. Keep them from getting overwhelmed, confused, or tempted if the situation ever changes. Likewise, take a few moments to remove old or temporary accounts that are no longer needed. You never know when a hacker or disgruntled employee will squeeze through the gaps.
Change Passwords Fast
On average, it takes at least a week before passwords change after you terminate an employee, if at all. This is the one type of delay your business cannot afford. In 2017, an ex-employee from the American College of Education held their entire email system at ransom for $200,000 after an unhappy exit. Stories of others stealing client databases are also common. They leave to start their own business or work for a competitor. It is not only full-time employees either. Contract and part-time employees may have access to more than you might imagine. Recent rulings make it easier for business owners to prosecute former employees that access their systems and cause harm. It only takes seconds to login and wreak absolute havoc. Knowing you can take them to court is not comforting with the damage you will endure. The best choice is to change passwords fast - even before your employee knows. This lessens the chance of revenge attacks and opportunistic access.
Use a Password Manager
Have a good password manager. With a password manager risk becomes automated. You will be able to keep your logins in a central vault that only you can see. You can choose to share based on business roles and need. There is even an option to share passwords without letting employees see them in plain text. They will be able to connect with a click. Plus, you can revoke the share at any time. If their role changes or you terminate them, you can use the dashboard. You see who has access to what and add or revoke at will. If you are not sure what that employee has been up to, you can also generate reports of their history.
We can help you set up password management and lock down your network. Call us at 877-686-6642.