The layoff tidal wave in 2024 has brought cybersecurity threats that many business owners aren’t focusing on – offboarding employees. Even big-time brands have failed to adequately protect themselves, despite us thinking they should have cybersecurity systems and procedures in place. It August, it will be a year since two disgruntled Tesla employees went rogue after termination. They exposed the personal information of over 75,000 people including names, addresses, phone numbers and even the Social Security numbers of customers and employees.
And, of course, it’s expected to get worse. As of May 2024, 298 US-based tech companies laid off 84,600 workers and counting, according to NerdWallet. This includes major layoffs at big companies like Amazon, Google and Microsoft, as well as smaller tech start-ups. In total, around 257,254 jobs were eliminated in Q1 of 2024.
A proper offboarding process is essential to every business. It’s not just a routine admin task, it’s a critical security precaution. Not having an offboarding procedure, which includes revoked access, can lead to serious business and legal implications later. Some cybersecurity threats include:
Theft of Intellectual Property
Employees sneaking away with YOUR data. Your company’s files, client data and confidential information can be stored on personal devices that retain access to cloud-based applications like social media sites and file-sharing sites your IT department may not know about.
A study by Osterman Research revealed that 69% of businesses experience data loss due to employee turnover. Also, 87% of employees who leave take data with them. Most often, the information you worked hard to gather is sold to competitors. It’s used by them when they’re hired by the competition or used by the former employee to BECOME a competitor. Any way you cut it, it screws YOU.
Compliance Violations
You can register as non-compliant (in heavily regulated industries) for failing to revoke access privileges and remove employees from user lists. This simple mistake can result in large fines, penalties and even legal consequences.
Ctrl + Alt + DELETE … Everything
An employee who feels unfairly laid-off and retains access to their accounts could easily delete e-mails and critical files. If that data isn’t backed up, you will lose it ALL. You think “I’ll sue them!” (and rightfully so). BUT, even if you sue them and win, the hard reality is what it will still cost you. Between legal costs, time and data recovery, plus aggravation, are greater costs than what you might get awarded.
Data Breach
This is the most terrifying of all. Unhappy employees who feel they have been wronged can make you the next devastating data breach headline. Plus, you could incur a costly lawsuit to go with it. It could be as simple as making one click and downloading, exposing or modifying your clients’ or employees’ private information, financial records or even trade secrets.
Do you have an airtight offboarding process?
Chances are you don’t. A 2024 study by Wing revealed that one out of five organizations has indications that some former users were not properly offboarded. So, how DO you properly offboard an employee so you minimize the risks of a cybersecurity threat?
First of all, successful offboarding starts with proper onboarding. New employees should ONLY be given access to files and programs they need to do their jobs. And, this information should be meticulously documented to make offboarding easier. Here are a few ways your IT team can help improve your offboarding process to make it more efficient and secure.
- Leverage Automation to streamline revoking access to multiple software applications simultaneously. This helps to save time and resources while reducing the likelihood of manual errors.
- Implement Continuous Monitoring to track who is doing what and where on the company network. This can identify suspicious behavior by an unauthorized user and determine if a former employee retains access to private accounts.
Insider threats can be devastating. If you think this can’t happen to you, think again.
Be proactive in protecting your organization against insider cybersecurity threats. Find out if any gaps in your offboarding process expose you to theft or a data breach. Contact Fortifi Cyber Security, the Atlantic Technology Services sibling company, and they can do a free vulnerability test. Call 888-500-9111 or click here to schedule a vulnerability test.