How Former Employees can be your Company’s Biggest Cyber Threat
The latest research that surveyed 10,000 desk-based operators in New Zealand and Australia reveals that at least one in four former employees are left with access to critical data after leaving an organization, and 20% of organizations say they have undergone data breaches from their former employees in some way.
Thousands of employees leave their jobs every month. While news of ransomware and DDoS attacks invariably make headlines. An added significant cybersecurity threat sneaks at nearly every organization: Ex-employees.
From passwords to the company’s social media accounts to classified client files and records stored in a personal cloud account, your company’s intellectual property could be strolling out the bar.
The jeopardies besetting offboarding have been raised throughout the pandemic as businesses have adopted to work remotely. Hybrid working methods, meaning off-boarding, can take extra time, and companies have limited direct authority over the process due to the expanding proliferation of cloud applications.
How do former employees still access your data after leaving their jobs?
People inside a business are a common cause of data breaches, both by negligence and ill intentions. Ex-employees can disclose their private data, and your company is responsible. Here are few points which tell us why this threat is rising:
- Faulty data protection policies and solutions
- A growing number of devices with passage to crucial data
- The proliferation of raw data moving outside the firewall on various devices
- More workers, contractors, associates accessing the network
- The higher complexity of technology
- Rising adoption of cloud applications and infrastructure
What can organizations do to eliminate unauthorized access of former employees?
Organizations must focus on defending networks, systems, applications and devices, physical premises, developing security protocols and building incident response processes. An organization should keep informed of industry trends and compliance obligations and stay abreast of what’s befalling cybersecurity across the nation. Companies should reconsider building a defined service-level agreement (SLA) that specifies how quickly access must be removed following a worker leaves an organization within 48 to 72 hours.
Employees should be notified only to practice in-house logins for various applications, software, sites, and services rather than personal user IDs and passwords. Selecting an access management and Single Sign-On (SSO) solution which delivers a passwordless experience to the employees is one step for companies to enhance offboarding security. Adopting a passwordless technique for employees proposed by SSOs that work with every application addresses cyber security hazards. It saves employees and companies time as the ‘logging in’ method becomes more smooth and streamlined.
Final Words
Offboarding is a hidden threat in businesses’ cyber security defenses. Many fail to apprehend or act on the threat posed by former employees leaving a company with information of crucial passwords that protect vital and confidential data.
BlueBricks can identify vulnerabilities in your networks, applications, and infrastructure and put you on a route to fix them. Get in touch and reach out to one of our experts today to learn more about our many offensive security offerings.
