When people think of cybersecurity threats, they often focus on ransomware, DDoS attacks and phishing attempts. However, another risk exists for almost every company in operation: former employees.
In a recent survey, only half of the IT decision-makers responding stated they were “very confident” that ex-employees couldn’t gain access to critical business systems, and a full 48 percent acknowledged that workers who were no longer on staff could access the network. In fact, 20 percent of those surveyed stated their company experienced a data breach led by a former employee.
The Risk Associated With Former Employee Accounts
Failing to remove ex-employees’ access to critical systems is a major cybersecurity risk. When these accounts remain active, former staff members can use their old credentials to affect systems, remove data and cause other mayhem.
But, even knowing that, many businesses fail to remove ex-employee access immediately, and approximately 20 percent of those surveyed admitted it took longer than a month to get these privileges revoked.
What Causes the Delay?
Removing access immediately seems simple on the surface, but many companies struggle to do so. Why? Because the process is actually more time-consuming than many realize. For example, 70 percent of those surveyed said it could take up to one hour to remove a single employee’s access from the system. Many companies are aware of dozens of applications and access points that must be addressed during the removal process, and it is a cumbersome task to review them all.
Additionally, many businesses still have hundreds of other applications of which they aren’t fully aware. This can include old software that is no longer in active use but was never formally removed. Often, employee accounts on these applications slip through the cracks because they aren’t on anyone’s radar.
Another issue can be a disconnect between human resources personnel and IT professionals. Often, HR is considered the authority on who is and is not employed by the business. If the organization doesn’t have a formalized process for alerting IT to employee status changes, the department is likely unaware that removal actions are required.
Which Ex-Employees Pose a Risk?
While most companies focus on workers who were fired as their primary source of risk, those who leave voluntarily aren’t guaranteed to be problem-free either. Additionally, even if a former employee bears their previous employer no ill will, that doesn’t ensure their credentials won’t be incidentally used for malicious purposes.
For example, if the person moves on to a new company and uses the same credentials, that means a breach at their current company could provide criminals with the data they need to access your system as well.
To mitigate all of the risks above, it is critical to create formal procedures designed to remove ex-employee access as quickly as possible. If you would like to learn more, the skilled professionals at The Armada Group have the information you need. Contact us today.