Author: Alvaro Hoyos / Source: Information Security Buzz
From recruiting the most talented employees, to ensuring accounts are in order and providing staff with the latest technological innovations, businesses across the globe work tirelessly every day to strive for success. Lurking behind every policy, best practice and guideline, however, is a world that often gets neglected. What happens when someone leaves the company? Of course, in an ideal world, businesses recruit a capable replacement, tie up any loose ends on a project they were previously working on, and of course, throw a leaving party to ensure both the employee and business can part ways on the best of terms. Sadly, we do not live in an ideal world and, on occasion, an employee’s departure isn’t quite so clean cut and can cause issues months after they have left the company. This begs the question, are organisations doing everything in their power to make sure a soon-to-be ex (employee) does not walk out the door with access to everything the business holds dear?
Former employees are not always your friends
We have all seen the hugely damaging actions that former employees can inflict upon businesses. One such example is a huge data breach experienced by OFCOM[1], when they discovered that a former employee had downloaded and shared over six years’ worth of data with their new employer, which happened to be a major broadcaster. Luckily for OFCOM, the broadcaster in question chose not to exploit the data and alerted OFCOM to the stolen information. Shockingly, the latest research from OneLogin shows that despite the threat of former employees, more than half (58 per cent) still have access to the corporate network once they have left an organisation and almost a quarter of businesses (24 per cent) experience data breaches due to the action of ex-employees. The OFCOM data breach could have been catastrophic if it had have been used by a competitor, not to mention the potential damage to brand reputation. Similarly, businesses must also consider that when the European Union’s General Data Protection Regulation (GDPR) comes into effect in 2018, UK firms could face a penalty of up to 2% of their annual worldwide revenue, or €10 million, whichever is higher[2], enough to leave an organisation with financial difficulties. Of course, there are scenarios where organisations have not been as lucky as OFCOM.
…
Click here to read more