Lots of business owners think that IT security only applies to the big corporations and the banking firms of this world; but a new study by Intermedia SMB reveals that 89 per cent of employees who leave a company retain access to business or cloud applications like Salesforce, PayPal, email and SharePoint.
It doesn’t matter how big you are, if you’re employing staff that have access to apps, CMS’s and company data; you’re at risk.
Ex-employees admit to using the logins
It gets worse though, of those surveyed, 49 per cent had actually signed in to an ex-employer’s account, despite having left the company.
Now in most cases, this will just be curiosity; call it a “I wonder if it still works” type moment. However the fact remains that the ex-employees in question still have access and it only takes one bad apple with malicious intent to cause problems. This can come in a number of forms, be it reputational damage, leaked info or loss of competitive advantage to a rival firm.
In a nutshell, when an employee leaves your business, for whatever reason, you must have a way to revoke their access to all business resources. If you don’t then you’re leaving yourself wide open to attack.
How to protect your business
Implement stringent access management and off-boarding practices. Most companies have well thought out on-boarding processes, but too many forget the off-boarding.
In the same Intermedia Survey, polling firm Osterman Research found that 60 per cent of the employees in its survey were not asked for their cloud logins by their employers.
Put in place on-boarding and off-boarding policies for every employee and every application your business uses. Keep a detailed record of who has access to what. This ensures that your company always knows where your data is and who can access it at any time.
Consider using business graded file storage and cloud synching. Osterman also found that 68 per cent of employees admitted to using personal file storage services like Google Drive and iCloud to store corporate files or to transfer them between devices.
Share this story