Grant McGregor News

Don’t Rely on Ethics: Protecting Your Company When You Need to Let Someone Go

June 25 2018

When it comes down to it, letting an employee go is never pleasant. Anger, confusion and even tears are all possibilities if the process isn’t well organised, professionally executed, and respectful to everyone involved.

But there are more damaging outcomes when an employee leaves feeling disgruntled because a termination is badly handled. Add a sloppy attitude to protecting your company data, or clumsy IT procedure and you could end up dealing with a data disaster, or even joining your former colleague down the Job Centre.

Going beyond the standard, here are the small ways to avoid big problems when it comes to company technology and termination.

Audit, Update and Audit Again.

• Hardware audit, systems audit, everything. Most IT professionals will concede that chasing the return of company-issued hardware can feel a lot like pulling teeth, but even the most disgruntled employees should be inclined to give their tech back when faced with the prospect of not receiving their last month’s pay.

• Keeping up-to-date hardware and software asset lists will save you time and effort, and along with serialised logs of hardware spec, this can help to make sure your equipment is returned unaltered and damage-free.

• Systems admins and HR should habitually revisit access, and update permissions regularly. If your HR department is working with outdated records, then you are bound to make mistakes when you need to execute a termination quickly.

Consider Your Timing When Revoking Systems Access.

Removing systems access when it comes to termination is critical to protect yours and your customers data. Revoke access too soon, and any thoughtful process around a dismissal becomes pointless.

Delay revoking, and you could be open to an ex-employee deleting or stealing company data, sales leads and contacts. Delay removing access from a dismissed employee at management or director level, and you may be open to massive detrimental damage to your company, deleting critical data or even holding your passwords to ransom.

Consider A Centralised Database.

• Using single sign-on (SSO) software helps with making sure no pesky ex-employees can sneak back into systems after they leave. Simultaneously revoking access through a central program – like Active Directory – will save your sysadmin time and possible damaging oversights.

• As your company grows and your staff try out new software, extensions and widgets, it’s also worth considering a central database which records rights of every individual throughout all systems, if they do end up using multiple passwords.

Working Around The ‘Bring Your Own Device’ Policy.

BYOD tech policies are decidedly tricky when it comes to termination. Certain things are easy enough, as in deleting company apps and removing Exchange account settings.

However, there has to be a certain level of trust when it comes to personal devices – there’s no real way of making sure that an employee has removed all company data, especially from archived Time Machine or iCloud backups.

• Deletion is definitely worth raising in a dismissal situation, as the majority of employees will delete what’s required.

• Secure your company social feeds before starting the dismissal process. Although this does make for interesting reading when it happens to someone else, be sure to consider your official social media channels as they are an easy way to make a damaging statement if an employee is angry over their dismissal.

So, With This in Mind: Respect the Individual’s Priorities.

Although company tech might not be a top priority for someone getting the sack, it definitely can be for the IT team.

HR works hard to make sure that anyone facing dismissal is given as much respect and privacy as possible, so spare a thought for their process. Ex-employees might not have their company tech with them on the day of their dismissal, so clearly set out a process to ensure your tech is returned, but be aware – it might not be on the day.

• Give the employee a clear timeframe to work with as to when tech should be sent back.

• Consider providing pre-paid packets or a courier service so employees are not expected to pay for postage or come back into the office. Replacing an iPhone is a lot more expensive than tracking a package, so try to make the process as easy for the person as possible.

Remember, the smallest considerations will make the process as painless as possible for everyone involved and is the best way to protect your company, its hardware and ultimately your data.

 

Cyber Essentials helps plug these gaps with a set of common actions, against a measurable framework. Contact us today on 0808 164 4142 to find out how we can help.

 

Photo by Venveo on Unsplash

BACK TO TOP