3 IT Rules of Thumb
Firing an employee is never a pleasant task. There are workplace policies to initiate and follow to do this difficult job well. In this day and age of virtual offices and cloud computing, your IT department must be your partner. HR might be driving the bus, so to speak, but IT must be in the passenger seat, integrally involved throughout the termination journey. If not, a former employee could potentially be a catalyst for cyber security issues.
The company’s executive staff, IT department, HR department, and legal counsel must work together to establish and implement a viable termination plan. About.com stipulates 3 core IT principles that need to be followed:
- IT must be notified immediately; advanced notice that an employee is getting ready to be fired is preferred.
- Strictly enforced policy that clearly states who is to inform whom and over what time, period
- Immediate revocation of access; the terminated employee is “locked out” immediately which in turn preserves any company records formerly accessible by the employee
The best way to address cyber security concerns, however, is not at the time of termination but before the separation happens. Company employees must be trained on best practices to adhere to in order to circumvent cyber security issues from occurring.
Prevention is the Best Medicine
The biggest threat to your company’s cyber security is your employees. In the case of the day-to-day worker, cyber security breaches are usually unintentional (i.e. opening an attachment with a virus in an email message). In regard to a recently fired employee, not so unintentional. In a recent study by CFO Magazine, 75% of companies have experienced internal security breaches, 14% of which was intentionally breached by employees.
First Deal with the Devil You Know
There are 10 issues every company should diligently train their employees on to limit cyber security issues:
- Passwords are mandatory, must be strong and changed often
- Manage email and attachments; no attachments should be opened unless the sender is 100% authentic
- Fear phishing emails; if an email looks suspicious, do not open it, trash it, and put sender on your blocked list
- Limit removable media to personal cloud storage
- Avoid public and other unsecured wi-fi access points
- Report lost or stolen devices immediately; IT must have the ability to remote-wipe a missing company mobile device and the employee must be instructed to call IT FIRST; before the mobile carrier
- Limit apps and programs; employee must have permission from IT if it is not from the official iTunes App store or Google Play
- Back up, back up, back up – every night before going home
- Think before you post; have a viable electronic communications policy in place
- Terminating employment equals terminating access, period
Unfortunately you can’t get around terminating employees or cyber security breaches. In corporate America it is not an “if” but a “when” issue. If you train your employees how to limit exposures to breaches and have a sound employee termination procedure in place (closely involving your IT department), issues caused by cyber security breaches can be minimized and addressed quickly.
Need Help Addressing Cyber Security?
SACS Consulting can help your company with cyber security issues or HR consulting services. Call 330-255-1101 to speak with one of our professionals today!