Feb 18, 2022
0 0

Poor Offboarding Leaves Organizations Open to Threats

Written by

The Home of the Security Bloggers Network
Home » Security Boulevard (Original) » Poor Offboarding Leaves Organizations Open to Threats
A lot of talk these days centers around companies leaving money on the table by not maximizing cost savings, but more egregious in today’s risk-filled environment is leaving security on the table. That’s just what organizations are doing by not properly offboarding former employees; giving them plenty of opportunities to breach defenses and conduct malicious activities.
During the Great Resignation, with employees are quitting in droves, this oversight is particularly dangerous, leaving companies vulnerable to any number of security issues. And research from Beyond Identity found that former employees are taking advantage of their continued access to corporate resources. In fact, a whopping majority of former employees surveyed (83%) said they continued to access the accounts at their previous place of employment even after leaving the company. Nearly one-quarter hung on to a password well after they departed.
And organizations are feeling the consequences of their poor offboarding habits. Three-quarters of those surveyed said they were “negatively impacted by an employee breaching their digital security.” And, alarmingly, 56% of employees “used their continued digital access to harm their former employer,” the study said.
Leaving a job “is becoming more and more common these days, whether voluntarily as part of The Great Resignation, forcibly as part of pandemic-related layoffs, or somewhere in between,” according to a Beyond Identity blog post. “Consequently, employers are increasingly confronted with the issue of how to maintain cybersecurity amid mass staff departures.”
The survey polled more than 1,000 employers and employees from Ireland, the UK and the U.S., and it appears that many organizations are not doing the best job at maintaining cybersecurity during these departures. While 70% of employees surveyed said they underwent formal exit processes, “the offboarding process clearly requires a different approach in today’s unprecedented climate,” researchers at Beyond Identity said.
Offboarding was most likely to be handled by a supervisor (33%) or HR (31%) though in some cases, it fell to a coworker (13%). For half of the respondents, the process included returning company devices and less than that (41%) shepherded through returning security keys or tokens and wiping personal information or documents from company devices (40%).
Only a little over one-third were taken through the process for forwarding email (38%), completing an exit interview (36%) and/or deleting or resetting certain accounts (35%).
“Moving beyond the people involved and into the mechanics of the process, we found that, at best, only half of employers were taking even the most basic precautions for their company’s cybersecurity,” Beyond Identity researchers wrote.
After their employment ended, former workers still had access to an old email account (35%), work-related materials on a personal account (35%), social media (31%), a software account (31%), shared files or documents (31%) and an account with a third-party system (29%) as well as access to another employee’s account (27%), backend system (25%) or the company’s financial information (14%).
While U.K. employers did better at restricting continued access—only 67% retained access versus 87% in the U.S. and 88% in Ireland—the numbers still suggested an unacceptable and unnecessary level of risk.
Employees are maintaining contact information for former co-workers (33%) and saving conversations with them (31%). But perhaps more troubling, they’ve taken company ideas (27%), notes on work completed (25%), client contact information (25%), process-related documents (24%) and passwords (24%).
They are using that access to do a variety of things—from accessing social media accounts (36%), sifting through emails on company accounts, taking company documents (31%) and using a corporate account to gain access software (29%), among other activities.
“While some of these behaviors may seem harmless—perhaps an employee just wanted to stay in contact with a work friend—these are all examples of insider threats,” Beyond Identity researchers wrote. “The constant possibility of human error means that every time an employee logs onto the company network, they put their company’s digital security at risk.”
Beyond Identity recommends taking the following steps to counter insider threats:
And, one more thing: Tighten up offboarding processes to reduce or eliminate threats from former employees. There’s really no excuse for not locking the door when employees leave under any circumstances.
From the time she was 10 years old and her father gave her an electric typewriter for Christmas, Teri Robinson knew she wanted to be a writer. What she didn’t know is how the path from graduate school at LSU, where she earned a Masters degree in Journalism, would lead her on a decades-long journey from her native Louisiana to Washington, D.C. and eventually to New York City where she established a thriving practice as a writer, editor, content specialist and consultant, covering cybersecurity, business and technology, finance, regulatory, policy and customer service, among other topics; contributed to a book on the first year of motherhood; penned award-winning screenplays; and filmed a series of short movies. Most recently, as the executive editor of SC Media, Teri helped transform a 30-year-old, well-respected brand into a digital powerhouse that delivers thought leadership, high-impact journalism and the most relevant, actionable information to an audience of cybersecurity professionals, policymakers and practitioners.
teri-robinson has 86 posts and counting.See all posts by teri-robinson

More Webinars


Article Categories:
Cloud Security

Comments are closed.