Great Resignation and Offboarding: Addressing the Cyber Asset Management Risk

essidsolutions

The Great Resignation is a big trend causing significant challenges for organizations. Well-known impacts of the mass exodus of workers leaving their jobs include lost productivity from understaffing and major costs tied to turnover, talent acquisition, and training. One less well-known but highly significant impact involves security vulnerabilities from employee offboarding. 

The fact is that major cybersecurity risks arise when IT processes for offboarding aren’t effective at quickly cutting off access to company data and systems when employees leave. The problem is far from hypothetical, given industry research showing some 72% Opens a new window of employees admit to taking some amount of company data with them when they leave a job. And the threats are magnified as the number of offboarding instances increases as part of the Great Resignation.

Risks from insecure offboarding protocols include lost IP, enhanced vulnerability to cyber attacks, data privacy breaches, and the compliance violations and fines that go along with them. Fortunately, a strong cyber asset management plan for making offboarding more secure can help minimize these risks through process improvements, better technology, and no small amount of automation.

Offboarding Creates IT and Security Challenges

From an IT perspective, the employee exit interview is the easy part of offboarding. The bigger challenge lies in access management and the need for prompt and comprehensive removal of the soon-to-be former employee’s access to systems and data. 

Offboarding is one of the most difficult access management use cases involving complex cyber asset management processes that must be optimized to ensure fast, secure offboarding across the entire IT estate. 

Especially in the case of longtime employees or administrators, the person being offboarded may have had access to many different systems. Limited cyber asset visibility can make it hard to map all the permissions a former employee may have had in the first place, especially if the departure was sudden and not cooperative. In addition, data and access may have involved multiple personal (BYOD) devices and company devices, making securing devices more complicated than simply returning the company’s physical property.  

Throughout, offboarding processes may not be cross-disciplinary enough to allow HR, IT, and business division managers to collaborate effectively around the timing and targeting of access removal. Unfortunately, these gaps in execution allow risks to multiply with every minute or hour that goes by. Disgruntled former employees may be motivated to exfiltrate sensitive or valuable data. Even for amicable employee departures, continued access to company data or systems by non-employees represents a data privacy violation – which can prompt stiff penalties and fines for breaking GDPR and other data privacy regulations. 

Additional risk arises from orphaned accounts that are not closed and can be targeted by outside hackers to gain access and control. Remember the point above about how some longtime employees or administrators may have had sprawling access across systems. If an account such as this is not shut down upon the employee’s exit, it becomes the Holy Grail for malicious actors who – depending on the nature of the orphaned account – can gain what might amount to super-user access.

See More: 5-Point Checklist to Fix Cybersecurity Threats That Loom Large

Safe, Scalable, and Automated Offboarding

Given the range of challenges, the solution to onboarding security has to involve a holistic cyber asset management plan. To be effective, this plan must be comprehensive to include process improvement, technology improvements, and automation.

From the process perspective, success relies on cross-disciplinary collaboration and proactive IT team involvement on timing and targets of severing access. These seamless processes must be backed up by well-orchestrated cyber asset management policies for notifications and alerts to relevant stakeholders and systems. Strong cyber asset management protocols must also be in place for any SaaS-based systems to facilitate system actions and document these actions for compliance. 

Remember that each offboarding instance generates one or even several IT tickets. So, even if your personnel and IT processes are solid, the sheer number of offboarding tickets can lead to backlogs in execution. These backlogs equate to risk since delays in closing a ticket can increase the time between an employee’s exit and the point when all access is terminated. That’s why automation is essential in building the cyber asset management playbook for offboarding.

Automation has become critical to keep up with the sheer scale of offboarding during the Great Resignation. Success requires implementing automation to handle the workload at scale, even if processes are perfect. That’s not just because limited IT teams must contend with a higher frequency of offboarding instances; it’s also the case that IT teams themselves may be smaller because, of course, technologists are part of the Great Resignation too.

Workflow automation uses cyber asset management techniques to align processes with technologies and platforms that can easily scale them – such as when customizing a SasS-based tool with pre-built knowledge containing optimized processes tailored specifically to the business. This helps make the offboarding process more efficient, secure, and repeatable. Remember to make the scope of the automation inclusive beyond just employees to include contractors, supply chain partners, or any other stakeholders who may have access to any part of your systems. 

The Great Resignation is spotlighting offboarding and highlighting the need to secure and optimize the process for severing ties between a departing employee and valuable enterprise systems. In the face of these challenges, more organizations realize that secure and efficient offboarding must be guided by a holistic, coherent, and cross-disciplinary plan strategically rooted in cyber asset management.

How do you think employers can mitigate offboarding cybersecurity risks through cyber asset management? Tell us on FacebookOpens a new window , TwitterOpens a new window , and LinkedInOpens a new window . We’d love to hear from you!

MORE ON CYBER RISK MANAGEMENT