A 6-step checklist to IT employee offboarding

Office with people working on desks

With more companies adopting a hybrid work environment, employee offboarding processes have never been more important. An employee’s last day might not be in the office now, so making sure you have a process that adapts to any situation is essential in today’s modern workplace. Whether your business is planning for redundancies, or preparing for employee departures, it’s important have a smooth and efficient IT offboarding checklist in place.

What is employee offboarding?

The formal separation of employees from their business or organisation is known as employee offboarding. It involves all departments within a company including IT and Human Resources, and should result in the seamless and secure departure of employees.

There are many factors to consider around employee offboarding, from transferring job responsibilities to a successor, retrieving company assets like laptops and phones and blocking future access to IT systems and sensitive data.

In an age of digital workflows and remote working, employee offboarding is of particular importance to a company’s IT department for a range of reasons, many of them security related.

An IT department will typically deploy a number of SaaS (Software as a Service) applications, databases, file storage solutions and physical hardware across a business so that employees can work efficiently. When a worker leaves the business, IT leaders must recover all devices and software applications and also deny any future access to all the places that data is accessed, to ensure the safety of the company’s infrastructure. This process also adds protection against the possibility of a potential data breach.

What are the benefits of proactive IT employee offboarding?

When carried out correctly, IT employee offboarding provides numerous benefits for a business. It provides peace of mind for both parties and ensures sensitive or confidential information belonging to the business cannot be accessed or compromised after the final day of employment.

Thorough and timely offboarding of a worker’s IT assets will give a business:

Cost savings

Businesses which follow a structured IT employee offboarding procedure can avoid significant costs that result from the loss or misplacement of expensivelaptops and mobile devices and the delayed cancellation of software licences. Reducing the risk of future data breaches also protects the business from potential fines or unintended losses.

Heightened security

Employees have access to company data. Whether that’s emails, files or databases, it’s likely that they don’t just access them from the laptop you’ve issued with them, they may also use personal mobile devices or home PCs. GDPR requires you to have full control over who has access to your systems, so it’s important to have a process that does more than just recovering a laptop and leaving it to gather dust. Accounts, across all your IT services, need to be properly locked out, sessions cleared and passwords reset.

And it’s not just about preventing the leaving user from having access, dormant accounts that haven’t been properly secured, are a hackers dream as it’s much easier to come into your system using an email address and password of a former employee that hasn’t been properly shut down, because there’s no active user to notice strange behaviour on their account.

Smooth departures

When an employee leaves a business, a smooth exit is in the best interests of both parties. A proactive IT offboarding approach with timely reminders for the return of equipment, for example, will help facilitate this and enhance the chances of an employee leaving on good terms.

Shaking hands

What are the security risks of incorrect offboarding?

Incidents, where a disgruntled employee who was not offboarded properly causes disruption to a business, are not uncommon. In such cases, a worker could use their access to company data via cloud storage services like SharePoint, Google Drive or Dropbox to take revenge on their former employer by stealing data, manipulating customer information, or passing on client data to a business competitor.

Cybercrime and data breaches cost the UK economy nearly £27 billion every year. The likelihood of a business suffering a revenge attack increases when poor IT offboarding occurs and when the offboarding process is too slow. Organisations that fail to properly close a dormant account, leave themselves wide open to cyberattacks and data breaches, especially from a disgruntled employee that has left on poor terms.

However, there are a number of important measures that can be followed to eliminate this risk.

The 6 elements of IT employee offboarding checklist

A comprehensive and well-structured checklist is an enormous advantage when offboarding employees, particularly where IT is concerned.

Below is a six step checklist any business can follow during the offboarding process to protect themselves when a member of staff leaves the organisation.

1. Record employee exit dates

It’s important for IT and HR departments to communicate clearly regarding employee exit dates so that equipment and devices are returned and access to company systems and sensitive data is prohibited. Losing track of employee exit dates can be extremely costly and lead to data breaches.

2. Revoke privileged account access

It is vital to identify all systems a departing employee manages or has access to. This is likely to include customer databases, applications, cloud systems and IT devices. This should be done by the employee, who should also transfer access to other relevant users in this process.

Departing employees should also have their remote access blocked so they are no longer able to access company resources and information using VPNs and other mechanisms.

3. Block email and phone access

Email plays a key role in business communication, and an employee’s company email is stacked with valuable data, key contacts, and sensitive files. No business wants a departing employee to have access to their email when they cease working.

In order to protect a business, email access should be revoked at the end of a person’s employment. You can then set up forwarding from the Microsoft 365 admin centre to ensure business continuity. Thought should be given to any email content that may have been downloaded to a person device. If there is a mobile device management process in place, locally synched emails can also be remote wiped from company or personal devices.

With more modern phone systems, where a user can pick up on their personal device using an app or their Teams account, it’s important to make sure this has been deleted off any personal devices.

4. Record assigned technology assets

Listing all IT assets and devices linked to an employee will enable to you have a plan for recovery of such equipment when the user resigns. An IT asset list may include:

  • Hardware: Laptops, iPads, personal computers, smartphones and other company-issued devices and auxiliary items such as monitors, keyboards, printers and headphones
  • Software: Any accounts an employee uses for their work such as social media accounts or job-role specific software, as well as their Microsoft 365 account.

When you’ve drawn up a list, ensure administrator rights for software applications or shared social media groups belonging to the departing employee are reassigned to another member of staff.

5. Reclaim IT assets

Once a list of technology assets has been drawn up it is time to reclaim those assets from the exiting employee so you can check and wipe them.

If you’ve correctly created an asset register, it should be simple to check off everything the employee used and collect them back. Make sure you get devices returned not wiped, and get the password, in case you need to login.

6. Check IT assets for damage

A thorough examination of hardware and IT assets will reveal any damage so that kit can be repaired before returning it back to stock. Your IT department should also be looking out for potential security and data breaches when an employee leaves the company.

Repairs such as chips, or removing sticky keys, can then be done quickly and efficiently to get devices back into circulation, and ready for use. You might also want to deep clean devices so the next user gets an as new laptop or screen.

Do you need help with IT employee offboarding?

ramsac helps businesses get the maximum out of their technology and facilitate employee offboarding by providing the highest level of IT support and cybersecurity. Contact us now.

Quiz yourself

Are you more cyber savvy than an 11 year old?

11-14 year olds get asked these questions in school. Could you get these right?