Network security and your employees
Ensuring that an ex-employee no longer has access to your network when he or she leaves your employment is critical for security. That may seem like an obvious statement to make but it’s amazing to note how many businesses fail to effectively manage continuing network access for a former worker.
Establish an acceptable use policy
One of the first security measures to undertake is something that can be put into place well before anyone gets to become an ex-employee. In fact, it should be in place from the very point that they join the organisation. An acceptable use policy is a document that summarises a set of criteria that should be adhered to whenever anyone is making use of the company network.
Stipulations within the policy may be extensive and so should be clearly stated and easily understandable for all. They should be reasonable and, whilst not limiting in any the way the ability of the business to be productive, must be able to protect both the company and employees from any form of misconduct.
What should be included in an acceptable use policy?
Policies will be subtly different from business to business, industry to industry, but should cover a number of potential issues including the following –
- Company resources – Personal privacy should not be afforded to employees when using company resources
- Non-business applications – Applications other than those directly required for the business should not be downloaded onto a company resource or network
- Confidentiality – The policy should act to protect the business in the light of an ex-employee subsequently disclosing information that may be deemed harmful to the company.
- Mobile devices – The policy should also address personal use on mobile devices such as phones or tablets
- Company network – The policy should clearly determine if employees are permitted to access the company network from a mobile device. If so, a plan should be devised in order to deal with data that exists once someone becomes an ex-employee.
- General web access – Guidelines should be present to establish what is deemed to be acceptable web access and what isn’t.
What to do immediately when an employee leaves
It is important to act quickly when an employee leaves your organisation. The following tasks should be deemed to be high priority –
- Disable the ex-employee’s network passwords and accounts immediately
- Disconnect any personal mobile device connections to company email accounts
- Any third party app accounts and passwords should be disabled
- Any VPN access should be removed disabling any level of remote access
- Wi-Fi passwords available to an ex-employee should be changed
- Desktop hardware should be rebooted and the ex-employee logged out of the system
Safeguarding data and accessibility is essential for the secure running of any business. Although it should be an ongoing process as part of best practice, it is important that measures are in place for an ex-employee. Procedure should be followed irrespective of the demeanour or history of the departing colleague.
If you’d like to find out more about call recording or call logging software please don’t hesitate to give us a call; we’d be happy to tell you everything we know – which happens to be rather a lot! Drop us a line on 0333 0022 440, or contact us. We’re here ready to help.