Ex-employees – the underlying insider threat
More often than not, employees don’t leave an organisation on entirely amicable terms. Ex-employees are more likely to have reason to abuse their access to the company network for malicious purposes. Most businesses fail to competently protect their networks from ex-employees, who may be able to access the corporate network even after leaving the company. This makes former employees one of the greatest insider threats, yet the easiest to handle. You only need to ensure that deactivating accounts and changing passwords are a mandatory part of the termination process. Employees may also innocently cause data leakage, especially if they are using non-enterprise solutions like Dropbox to share or store data. Manual termination of accounts will not provide a fool-proof solution. Account termination and data monitoring should be automated to ensure that ex-employees do not compromise your business, unknowingly or otherwise.
How to prevent ex-employees from threatening your business IT security
Here are some measures to protect your company networks from being compromised by data breach incidents caused by ex-employees.
Monitor account behaviour post-resignation
It is vital to monitor an employee’s actions from the moment they decide to resign from their position. You must be on guard to immediately detect any security incident involving copying confidential data or changing permissions. Restrict all privileged access shortly after the employee declares that they are leaving the company.
Regular IT auditing
An ex-employee with malicious intent who has access to working login credentials can easily evade the security perimeter and put business operations at risk. Implementing an IT auditing solution can ensure better internal IT security that will protect against such malicious actions.
Remove employee access after termination
Research shows that in most cases, employees attack when they feel that their dismissal was unfair, or they are disgruntled in any way. To prevent this, remove all system access, however insignificant, immediately after they leave the company.
Data encryption a must
No one can predict when a loyal employee will turn malicious and attempt to steal confidential business information. This means your business is always at risk of attack. Any attempt to steal data from a server can be thwarted by data encryption.
Use temporary accounts for limited tenure employees
Restrict access for third-party workers, such as interns or contractors, who work for a limited tenure. Set up temporary accounts with minimal privileges. You should also ensure these accounts become inaccessible as soon as the person leaves the company.
Remove inactive user accounts
Employees are aware of security vulnerabilities existing in your network system. As ex-employees, they use inactive or less-used user accounts to evade security measures and access company networks. It’s essential to identify and delete accounts that have been inactive for more than 90 days.
Establish a security incident response team
Establish a security incident response team that can quickly recognise, report and respond to a security incident. You may benefit from using professional services like Computing Australia, as this needs a high level of skill.
Implement an automated information system
Sometimes the IT teams will be unaware of an employee’s termination because of inter-departmental communication failure. This can be prevented by establishing an automated information system to deactivate inactive accounts and change passwords once the employee leaves the company.
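One way to automate the checks described under "Remove inactive user accounts" and in the paragraph above is to reconcile an HR roster against an export of directory accounts. The Python below is an added example, not code from the original article; the CSV column names and the sample rows are constructed for illustration.

```python
import csv
import io
from datetime import date, timedelta

INACTIVE_AFTER = timedelta(days=90)  # the 90-day threshold the article gives

# Constructed sample exports; the column names are assumptions for this example.
HR_EXPORT = """employee_id,status,last_day
E100,active,
E101,terminated,2024-05-31
E102,active,
E103,contract,2024-06-14
"""
ACCOUNT_EXPORT = """username,employee_id,enabled,last_login
alice,E100,true,2024-06-28
bob,E101,true,2024-06-20
bob-admin,E101,true,2024-03-02
carol,E102,true,2024-02-10
dave-temp,E103,true,2024-06-13
erin,E104,false,2023-11-01
orphan-svc,,true,2024-06-29
"""

def load(text):
    return list(csv.DictReader(io.StringIO(text)))

def audit(hr_rows, account_rows, today):
    """Map each enabled account that needs disabling or review to its reasons."""
    hr = {row["employee_id"]: row for row in hr_rows}
    findings = {}
    for acct in account_rows:
        if acct["enabled"] != "true":
            continue  # already disabled
        reasons = []
        owner = hr.get(acct["employee_id"])
        if owner is None:
            reasons.append("no matching HR record")
        elif owner["last_day"] and date.fromisoformat(owner["last_day"]) < today:
            reasons.append("owner left on " + owner["last_day"])
        last = acct["last_login"]  # empty means the account was never used
        if not last or today - date.fromisoformat(last) > INACTIVE_AFTER:
            reasons.append("inactive for more than 90 days")
        if reasons:
            findings[acct["username"]] = reasons
    return findings

if __name__ == "__main__":
    report = audit(load(HR_EXPORT), load(ACCOUNT_EXPORT), date(2024, 6, 30))
    for user, reasons in report.items():
        print(f"{user}: {'; '.join(reasons)}")
```

Run on a schedule against fresh exports, the output becomes the work list for disabling accounts. The second account owned by the departed employee (`bob-admin`) and the account with no HR owner are the cases a manual offboarding checklist tends to miss.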
Implementing these measures can help you prevent ex-employees from compromising your business network. Automating the IT and HR departments and identifying disgruntled employees can help you reinforce your defences against budding insider attacks and protect your sensitive data.
Computing Australia has been helping various clients secure their systems from cyber threats for more than 20 years. If you are looking for a sturdy cybersecurity solution to secure your business, contact us or email us at cybersecurity@computingaustralia.group. Our cybersecurity experts are available 24/7 to assist you with your cybersecurity queries.
Jargon Buster
Encryption – A process that converts a message or file from its original representation to an alternative form so that it can only be read by certain people.
IT auditing – Examination and evaluation of a company’s IT infrastructure, policies and operations to determine whether IT controls protect corporate assets, ensure data integrity etc.