One of the biggest mistakes clients can make controlling credentials is not carefully managing all accounts associated with an individual who has parted ways from the company. The accounts can be used for an unauthorized individual to access services, information, and documents, to administer and make changes to systems and accounts, and even disrupt operations entirely. Even if the person leaving is trusted, with no one to manage that account it can be compromised with no one the wiser.
That’s why my security assessment reports always include an “Employee Termination / Transfer Checklist” – to make sure that this issue is addressed by management in consultation with other parts of the business. In this article I’ll attempt to convey the basics of such a checklist.
Besides addressing all aspects of physical access to the business and equipment return, such a checklist includes removing or disabling all accounts and changing any passwords the employee had access to:
- Network account
- E-mail (account or system management)
- Software logins (e.g., MLS, AMS, HR, document management, Google Analytics, etc.)
- Website admin / Plugins / Social Media
- Alarm system
- VOIP / Voicemail
- Service accounts (e.g., administrator accounts, printers, databases, etc.)
- Firewall / Routers / Switches
Making sure forwarding that may have been set for e-mail and telephone is disabled.
There are also many additional places to check to ensure there is no unauthorized access, or changes made. It is vital that contact information and any associated logins are changed for:
- Bank account
- Merchant account (for taking credit cards)
- Domain records
- Contracts (contacts)
- Vendors (e.g., equipment lease and service, web hosting, etc.)
You can imagine what happens if you lose control over the domain for your website, if an important contractual notice goes to a disabled email account, if someone has unauthorized access to the HR system or to manage users on the AMS or MLS. I’ve seen the worst nightmares come true for many companies over the past three decades. Don’t be the next one to suffer from this issue.