Beware the Dangers of Departing Employees
Most of us tend to look outside our offices for threats or dangers. However, you should also be aware of potential inside dangers. Statistics show that the majority of incidents involving the destruction or loss of data were perpetrated by current, soon-to-be dismissed or recently dismissed employees. Few, if any, know more about your firm’s systems than your employees, and few, if any, are in a better position to cause major damage.
In particular, your IT staff, employees with advanced technology knowledge, and outside technology support people are potentially the greatest threat because they have the greatest knowledge about your system configurations, and the technical know-how to be very destructive.
Needless to say, the issue of properly handling the departure of employees is an issue more firms are dealing with these days.
When any employee leaves your firm, regardless of whether they are leaving of their own accord, being terminated or laid off, ensure that your files and systems are protected. Promptly close all their points of access to your office and computer systems, including keys and access cards, login accounts and passwords, e-mail accounts or remote access. If you discharge an employee who has access to critical company data, let them go without notice, and don’t allow them any access to a computer.
There are literally dozens of steps you should complete systematically to make sure all points of access for departed employees are closed down. Follow this detailed employee departure checklist to make sure you take all the necessary steps. This checklist was prepared as a supplement to LAWPRO’s Managing the security and privacy of data in a law office booklet.
And when it comes to avoiding problem employees, start at the very beginning: When hiring a new employee, make sure you are diligent and carefully check their backgrounds and speak to references. Look for any red flags on an application letter or resume, and watch for issues during the interview process. Watch for someone that is withholding relevant information, or that has falsified information on the application. Assess the overall integrity and trustworthiness of the candidate.
Even when staff leave on good terms, it’s important to think about the information which they may control, and which may be lost upon their departure. Do you have a process to harvest e-mail or documents which may qualify as business records?