With recent news-making hacks like the WannaCry ransomware attacks and the Equifax data breach, most companies have been focused on shoring up their systems to protect them from nefarious, faceless strangers in dark rooms. However, there is a much closer threat to your organization, and it is a threat that every single company, no matter the size, has in common: ex-employees.
IT Leaders Often Ignore Ex-Employee Access
Cybersecurity firm OneLogin recently surveyed IT decision makers and found that nearly 20% said they had actually experienced data breaches from former employees. Furthermore, only about half of the people who responded were very confident that former employees were no longer able to access company systems, and 48% also said they were fully aware that ex-employees still have access to the network.
Half of IT leaders who responded said that employee accounts remain active longer than one day after the employee leaves; 32% said it takes a week to deactivate ex-employee accounts, and 20% said it can take a month or longer. Some 25% admitted they don’t know how long ex-employee accounts remain open after someone’s last day.
The Consequences of Poor Deactivation Procedures
An employee’s access should be shut down the moment they walk out the door on their last day. No matter how trustworthy you think someone is, it is simply not worth the risk. Last summer, Dutch web hosting service Verelox had most of its servers deleted by a disgruntled ex-employee. Last spring, the US company Microsystems had to sue an ex-employee for installing malware that deleted company financial data.
These are just two examples of ex-employee malfeasance. Even if former employees don’t actively seek to sabotage the company, they can still cause damage by logging in to access customer data, deleting files critical to their role, and more. And if an ex-employee has company applications on their mobile devices, the company could be at risk if those devices are stolen.
Make Closing Access A Priority
Most companies say it simply takes too long to deprovision a single employee’s access to company systems, and therefore, it gets knocked down on the IT team’s list of priorities. Another reason that companies fail to take swift action is that HR and IT don’t communicate. It is not IT’s job to keep track of active employees. It must be made a company policy that IT is notified immediately when an employee leaves, so that the process of deprovisioning can begin.
Most of your ex-employees are good people who don’t have malicious intentions, but it only takes one single bad apple to cause significant problems for the company. No matter the size of your company or the industry you’re in, never underestimate the security vulnerabilities associated with ex-employee access.
If your business is looking for forward-thinking cybersecurity professionals who can help you protect your network, the award-winning team at Talon can help. Contact us today to learn more about the ways we can help you achieve your data security staffing goals.