You are here
What happens when staff leave?
Onboarding is what a company does to get new staff up and running. But what about when people leave?
Have you thought about offboarding?
Information is everywhere
Companies create and distribute a lot of information, internally and externally. Much of that information is not be particularly sensitive, but that doesn't mean you shouldn't look after it.
And of course, there will be sensitive information. Do the right people have access to it? Is it secure? Can you quickly remove access when needed?
Information is a crucial asset in any successful company. It must be looked after and protected.
Systems are everywhere
Companies use different systems and platforms to create and distribute their information. Traditionally, these were limited with regard to access. Mainly because they were internal (think: installed software and filing cabinets).
Nowadays it’s different. Most businesses make extensive use of web-based systems. Otherwise known as SAAS (Software As A Service) or “cloud software”. We continue our work from location to location using mobile platforms.
Being able to access information from pretty much anywhere is great. But there’s a downside to that ease of access – it’s harder to control. In the old days, when someone left and could no longer enter the building, that was it. Job done.
But we need to be more diligent in this hyper-connected world.
50% of employees still have access after leaving
Research recently showed that companies have become more security conscious. But, many employees still had access to various systems and information. AFTER they had left the company.
The bottom-line is that companies aren’t following very basic but essential security measures around employee provisioning and deprovisioning ...
Let’s look at your staff’s access to Aconex as an example. A project will generate a lot of information. Some of that information will not be especially sensitive, but of course some of it will be.
Think about the various correspondence going back and forth. A lot of that is definitely going to be contractual and thus sensitive.
When a staff member leaves, do you want them to still have access to that project information?
Lots of systems. Lots of information. Sounds too hard, right? There’s no doubt that removing access to every system when someone leaves is not an easy task. But it’s definitely not an optional one.
Offboarding or deprovisioning Aconex accounts
First, get Aconex added to your IT team’s checklist for leavers. If they haven’t got one, start one. It can be a simple list of all systems and platforms a staff member has (or might have) access to. When someone leaves, use the checklist to make sure all their accounts are removed, locked or disabled.
For Aconex, follow these instructions to disable their account.
Disabling the account only takes a few seconds. But it means they can no longer login to Aconex from anywhere.