29 January 2021

How to Protect Your Data When Employees Leave

Imagine this: your best salesperson has decided to part ways with your company. They are privy to everything from your strategic documents to the client lists you’ve spent years building. With all the information they can walk away with, employees are often a greater risk than external hackers.

There are many reasons an employee leaves with company data. Many do so inadvertently while some think it’s okay to take any documents they worked hard to create. A few may have malicious intents.

According to a study conducted by Biscom, 90% of employees revealed their primary reason for data theft upon departure was due to the fact that their employer did not have a policy or technology in place to prevent them from doing it.

You can avoid making that mistake! Here are 7 tips to prevent you from falling victim to data theft from your own employees:

  1. Create a fence

Limit employee access by only giving permissions to the data they absolutely need to do their job. For example, salespeople don’t have a need for HR data. By limiting access, the impact of a data breach can be mitigated.

  1. Create a technology usage policy

This policy highlights any rules and restrictions employees must follow in regard to your network, software, internet connection, and devices. For example, websites and downloads may be monitored to avoid malware or viruses.

  1. Say no to personal devices

Employees who use their own devices often have access to substantial work data and this stays with them when their employment ends. What’s more, they could also unintentionally expose your business network to malware and data breach.

  1. Set alerts on files

Office 365 makes it very easy to turn on alerts that inform you when a policy violation has occurred or a high volume of sensitive content has been shared externally. This function also allows you to see who shared the content, who they shared it with, and what kind of sensitive information was detected. Further monitoring can be set within a security software such as Sophos.

  1. Encrypt your files

Data gets moved around now more than ever via email, flash drives, and cloud infrastructures. Safeguard your information by setting up endpoint encryption. You can also block the transfer of data via flash drives through Sophos or other security software.

  1. Asset Management

Your IT department and HR department ought to work together for proper asset management and employee offboarding.  When an employee leaves an organization, access to devices and applications ought to be blocked immediately.  Any computers or other devices should be collected right away.  The entire process should be a documented step-by-step process so no application is missed.

  1. Written Policies

Lastly, while IT processes and solutions listed above are great, the employment agreement and employment handbook should also outline what is acceptable or not for data management. It’s best to review your written policies to ensure they clearly indicate data ownership and acceptable devices for data transfer.

Our team of IT experts would be happy to help get your sensitive data protected. Contact us for an analysis of your company’s security and where your data might be vulnerable.


Sign up for our newsletter and get new posts directly to your inbox.

About Red Rhino

Red Rhino provides Managed IT Services, Support and Consulting to businesses in Vancouver and the Fraser Valley including Abbotsford, Langley, Surrey, Burnaby, Richmond, Coquitlam, Delta, and White Rock.