Security Risks Posed By The Disgruntled Ex-Employee

The disgruntled ex-employee: nearly every enterprise has at least one. The fact is, you can’t please everyone all the time. Many employees, especially higher-level employees, have access to proprietary information, databases, computer systems and other resources that we want them kept away from once they’re no longer employed with us.

In April 2011, a former Gucci network administrator hacked into the company’s network, blocking the capability to send and receive emails, deleting several virtual servers and shutting down a storage network. According to MSNBC.com, he accomplished this by tricking employees into adding him to the network as an authorized user, using a fake employee account he created while he was still employed by the company.

Even those with seemingly harmless access during employment may be privy to more than necessary during their time with the company, leaving us open for security breaches if we’re not fully prepared each time an employee leaves our enterprise. Fortunately, there are a few safety precautions we can take as business leaders to ensure our data remains secure in the unfortunate event of such a separation.

1. Immediately after termination, an IT security contact should be among those notified

This contact should be responsible for immediately revoking the former employee’s email access, network access and access to any secured areas within the facility or computer network.

2. Change of passwords

Passwords to public-access areas common to all employees should be changed upon an employee’s termination. This can be a logistical hassle and an inconvenience to other employees, but it’s a necessary security precaution.

3. Notify essential personnel of an employee’s status

While it’s not the most pleasant task for a manager, it is important to notify other employees of an individual’s status. If other employees aren’t aware that an individual’s relationship with the company has ended, they could easily be persuaded to provide network access under a pretext, such as telecommuting.

4. Revoke building security codes

This is an important step, because many enterprises offer ID access cards to allow employees entrance to a building when no one else is present. A terminated or resigned employee should not be permitted access to the premises unless under direct supervision to gather his or her personal belongings. Building security access codes should be immediately revoked to avoid the individual returning to the premises during non-working hours.

5. Obtain all work-related equipment and documents

Never allow an employee to leave the premises with classified information or data. This task becomes more difficult if an employee has been using his or her own smartphone, PDA, laptop or portable storage device for work purposes. It’s always in the best interest of an enterprise to supply such items so that in the event of separation, they can be retained without legal issues.

This is a short checklist of pertinent items that should be on any manager’s agenda should an employee separate from an enterprise, willfully or not. We strive to hire trustworthy individuals, but perceptions can change during the course of employment and it’s better to be safe than sorry.

Fergal Glynn is the Director of Product Marketing at Veracode, an application security company that offers a free cross-site scripting cheat sheet.