(312) 971-8500

What to Do When a High-Level Executive Leaves

by | Nov 6, 2019 | Best Practices, Cyber Security

A high-level executive leaving a company can cause a bit of chaos. That turnover affects a lot of employees and company processes. In addition to the usual human resource tasks that take place, there are also a lot of aspects of technology that need to be considered with security practices.

When a high-level executive leaves, you are letting someone go who has access to a vast amount of the company information. When a low-level employee leaves, they typically have limited access and there isn’t as much vulnerability and legal risks

Clearly, there are security risks involved. Let’s go through the steps needed to minimize those risks with proper security practices and company policies. 

1 – Notify The IT Department

A mistake businesses often make is not recognizing the huge role the IT department plays in off-boarding an employee. It is important to notify the IT department as soon as you know an employee is leaving. Even better, if you can give the department advanced notice before the termination meeting so they have time to gain control of the access points. 

You should have a specific office policy regarding who should be notified in these situations. You should have a designated person who runs the security check through all of the employee’s responsibilities and access points to company information. 

2 – Revocation of Access

Depending on your infrastructure, your high-level employees might have access to thousands of sensitive files, high-risk databases, business records, company documents, and important software. 

Working with your human resources department and your IT department, you need to determine all of the information that the chief executive has access to. You must revoke access from every angle that you can discover. 

Assess the risks the key employee may pose. Your IT department will get to work changing passwords, deleting accounts, etc. These are some crucial company parts you need to revoke access to:

  • Email accounts
  • VPN remote access software
  • Network credentials
  • Voicemail or call forwarding system
  • Collaboration accounts
  • Social media accounts
  • Banks, accounting software, and financial accounts 
  • Data backup systems  
  • Company documents

3 – Complete Credential Changes 

During the off-boarding process, it is essential to complete credential changes as soon as possible. Contact your IT department so that they can get the bases covered for the moment the employee steps out. 

Remember modern technology has a lot of access points. Remote access is great for company communications and workflow. When a high-level employee leaves, it’s important to remember that they most likely used personal devices and computers to access email, cloud accounts, applications, etc. 

Your IT technicians must take the steps to delete company information. This needs to be done carefully since the devices are not owned by the company. Advanced programs can remove corporate data while keeping personal files intact on mobile devices.

4 – Return Corporate Devices 

If the former employee used any corporate devices make sure they are returned. Everything should be wiped clean and restored to factory settings with a security check. This includes computers, hard drives, flash drives, portable storage devices, and anything else with the potential to hold data. 

5 – Remove the Former Employee From Internal Communication Systems

A high-level employee leaving will affect a lot of other employees. It’s important to take the steps to keep all employees safe and make the transition as smooth as possible. 

To keep team members safe, your IT technician or administrator needs to remove the former employee from all internal messaging systems among management teams. This includes email group lists and collaborative web services. 

It is also important to consider third parties that the employee had worked with during their time at your company. You need to notify any third parties that this employee no longer works with you so that there is no accidental communication that could lead to a security breach. 

6 – Perform a Detailed Security Audit and Monitor Those Former Accounts 

If you prepare for the worst then you won’t be left with any surprises. After you have cut ties with your former executive, you need to perform a detailed security audit and monitor those former accounts. 

An audit and security check will help you and your IT technician identify any security risks that were overlooked. You will need to continue this monitoring for the weeks following the employee’s departure for best security practices.

7 – Have a Contractual Non-Compete Agreement in Place

Non-compete agreements are essential for stopping your key employee from taking any of the customers or clients that they had contact with while working for your company. Non-competition agreements will put in writing what is inappropriate behavior with any former clients or people associated with the company. This office policy is essential for executive teams

Employment contracts need to be put into place for all employees before you have executive officers exiting the company. Employment agreements help to keep your company safe and to let your employees know what they are legally allowed to do so that they don’t accidentally perform a breach of contract. 

Be Prepared with a Comprehensive IT Plan

It’s difficult to let go of a high-level executive. Especially if they worked for the company for many years on the senior team. Comprehensive business planning will help make the transition as stress-free as possible. 

We recommend discussing with your IT department and human resources department to come up with an effective data security plan for these situations. Be proactive and come up with solutions before you find out an executive is leaving. Proactive business planning is everything. You often don’t have a lot of notice in these situations. 

The key to a successful transition is to be prepared and implement strict access management policies from day one to avoid any security incidents

The Risks of Not Having an Off-boarding Process for Your High-Level Executives

Security incidents are common with former employees. It is possible that your former employee could steal or access company data with malicious intent. This is called an insider threat and it is one of the most common causes of data breaches. This is why effective data security and business planning are so important. 

There are also areas of technology that could be costly when an executive leaves. For this reason, it is important that your IT department is aware of any recurring payments involved with the departing  employee and any licenses that they used during their time at the company

In addition, there could be employment contracts that need to be pointed out. The departing employee may not be aware of what they can and can’t do now that they are no longer a part of the company. There is always the chance that information is leaked without malicious intent simply because the employee was not aware of the situation and risks. 

Spot Migration Security Services

Do you have an offboarding process for your high-level executives? If not, we can show you how much risk your company is taking on and help you to come up with a proactive solution with security features to save your company from costly disasters. 

Spot Migration has years of experience with companies of all sizes helping them to create technology processes to reach their business goals. We bring you peace of mind so that you don’t have to deal with the complexities of technical issues. When you have your company security in expert hands, you can focus on your core business needs without worry.

Do you have an offboarding process for your high-level executives? If not, we can show you how much risk your company is taking on.

MEMBERSHIPS

T20 Elite Partner