Hopefully, employee leave on good terms and you wish them well. Other employees may leave your business-not by their own decision-or in anger and suspicion. While you’ll have very different feelings about the two scenarios, the risk to your business remains high until action is taken. Here are 3 steps you can take to protect your business from retaliation and other password-related disasters.
Limit access to a need-to-know basis
You might be surprised how often a new employee is presented the entire business on a platter when their actual job requires little more than a computer login. Accounts, strategy, customer details, industry secrets...all those sensitive parts of your business are now exposed. The best policy is to limit access to only what the employee needs to do their job. A need to know basis. This is also a good time to delete old or temporary accounts that are no longer required, as you never know when a hacker or disgruntled employee will squeeze through the gaps.
Change passwords fast
On average, it takes at least a week before passwords are changed after an employee is fired, if at all. Unfortunately, this is the one type of delay your business can’t afford. Recent laws make it easier for business owners to prosecute former employees who access their systems, but it only takes seconds to login and wreak absolute havoc. The best thing you can do is to change passwords fast - even before your employee knows they’re fired. This lessens the chance of revenge attacks.
Use a password manager
If you have good password manager like LastPass, reducing your risk becomes mostly automated. You’ll be able to keep your logins in a central vault that only you can see, and share based on business roles/need. There’s even an option to share passwords without letting employees see them in plain-text. Instead of writing passwords down somewhere and manually entering them each time, they’ll be able to connect securely with a click. If their role changes or they’re fired, you can use the dashboard to see who is having access to what and add/revoke at will. If you’re not sure what that employee has been up to, you can also generate reports of their history.
We can help you set up password management and lock down your network. Call us at 937-660-0488